Administration and role changing decisions are made in the respective individual functions, which have been implemented as additional system calls.
For most requests, the decision function only takes the process current role, the object type and the request and matches them against the type compatibility settings.
The notification function performs all implicit role and type changes for existing or newly created processes and objects as specified above.
The time values tn and tn+1 used in the specification are interpreted as
at the time of the decision request call and directly after
the notification call. Since all attribute changes from the specification
rules are either for the requesting process only, or for a newly created
object, which cannot be accessed by any process before notification has
completed, race conditions can only occur with active administration.