QUOTE (Page 241)
If you are the device’s owner, or the device’s owner has given you permission to jump into the device, you don’t need to make a test.
QUOTE (page 236)
When you’re hacking things, putting your mark on it encourages that thing to recognize you as legit. It’s no guarantee—just as a sharp-eyed border guard can nail your visa for being fake, and hosts are sometimes not fooled by your hacked mark—but the more marks you get on something in the Matrix, the more likely it is that you’ll be accepted as a viable user, or even an administrator.
QUOTE (Page 248)
While the act of placing a mark is an illegal activity, the act of simply having a mark is not. Once you have the mark, you are considered a legitimate user.
Ok, so for the most part I like the idea of MARKs, and I do not want to return to the system of permissions. I've noticed that some of the matrix actions are written from the perspective of a Hacker abusing a system he doesn't have legitimate access to (like Control Device), and some of the actions, like Jumping Into a Drone, call out rules for when you do have permission.
So I'm thinking that "Permission" is marks, but that the system treats illegitimate (hacked) marks differently than real (invited) marks. Invited is the key, see page 240 "Invite Mark." If a mark has a valid invitation associated with it, the mark is valid. If all the marks you have on something are valid, then you have permission for all the actions the marks allow. That means no needing to roll vs a Host to edit a file, and no needing to make a sleaze based roll to use a Smartgun.
That last example, the smart gun, is applicable to the "security guard" mentioned on page 227: "A security guard’s weapon might be in her holster, but its owner is the corp that employs her." If that guard has 3 legitimate marks on the gun, invited by her employers, she can use it just fine despite not being an owner. However, should a Decker sleaze a mark onto the gun, they need to make skill checks to force it to accept commands, as noted in the Control Device Matrix action.
This does, of course, make spoofing more potent, because it can be used to create an invitation instead of hacked marks. That invitation, which could be for a full 3 marks for 100 years, would allow much cleaner access to the device. To counter this setup being too effective, I'd make it possible for the owner of a device to revoke an invitation for marks after the marks are placed, effectively turning those existing marks into illegitimate ones. Only an Owner could do this.