As mentioned on IRC, I think a cheap form of ACL can be maintained using OpenID in ikiwiki.
Say I want to limit edits to wiki.webvm.net to users of that machine. For the user 'hendry' I create a http://hendry.webvm.net/ OpenID (which actually delegates to http://hendry.myopenid.com/). And likewise for other users.
So I suggest an ikiwiki configuration like:
users => ["*.webvm.net"],
Would only allow edits from openIDs of that form.
This kind of thing can be done now: --Joey
locked_pages => " and !user(http://.webvm.net/)"