Proxy layer for securing the cluster

The idea of a generic access control gateway for FDB has been discussed before. Ryan Worl released his version of doing so: "Introducing the Redis protocol FDB Gateway". This also culminated in a discussion of how to push this down into FDB itself.

During a previous conversation about restricting what clients can access, AJ brought up a very good point that the directory layer is written such that it is somewhat difficult to ACL by prefix. It uses \xfe to hold a map of directory name to shortened prefix, and thus all clients need to be able to see all of it to properly resolve their directories. Some \xff keys are needed for bootstrapping as well. Potentially leaving \xff and \xfe as read-only by default (but excluding \xff\x02 to all) would work, but it’s more than a trivial problem.

In the current state of things, I think pushing ACLing into a layer that you control is the correct approach. You can also run this as a layer process that is co-located with clients, so that the overall latency is roughly the same as if the client were directly issuing the operations. FDB 6.2 should contain some improvements to client scalability as well.

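To make the prefix-ACL discussion above concrete, here is an added example of the check such a proxy layer would run on every operation. It is not code from this thread, from Ryan Worl's gateway, or from FoundationDB itself. It assumes the proxy has already identified the calling principal, that each principal is granted byte-string key prefixes with read or read+write access, that all of \xff and \xfe is readable by everyone (the directory layer needs \xfe to resolve names and some \xff keys are needed for bootstrapping), and that \xff\x02 is denied to everyone. The principal names and tenant prefixes are constructed for illustration; the prefix-end computation follows the usual "strip trailing 0xff, increment" rule.

```python
"""Prefix-range ACL check for a proxy layer in front of FoundationDB.

Added example; not code from the original post, the thread, or the
FoundationDB project. Assumptions: the proxy knows which principal a
client is, each principal is granted byte-string key prefixes with read
or read+write access, the whole of \xff and \xfe is readable by all
(the directory layer needs \xfe to resolve directory names, and some
\xff keys are needed for bootstrapping), and \xff\x02 is denied to
everyone. Principal names and tenant prefixes are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Optional

READ = "read"
WRITE = "write"


def prefix_end(prefix: bytes) -> Optional[bytes]:
    """Exclusive upper bound of the keys that start with prefix.

    Same rule as the usual FDB strinc helper: drop trailing 0xff bytes
    and increment the last remaining byte. A prefix made only of 0xff
    bytes has no successor, so None means "unbounded above".
    """
    stripped = prefix.rstrip(b"\xff")
    if not stripped:
        return None
    return stripped[:-1] + bytes([stripped[-1] + 1])


def ranges_intersect(b1: bytes, e1: Optional[bytes],
                     b2: bytes, e2: Optional[bytes]) -> bool:
    """True if half-open ranges [b1, e1) and [b2, e2) share at least one key."""
    return (e2 is None or b1 < e2) and (e1 is None or b2 < e1)


@dataclass(frozen=True)
class Rule:
    prefix: bytes
    ops: FrozenSet[str]  # subset of {READ, WRITE}

    def covers(self, begin: bytes, end: bytes) -> bool:
        """True if every key in [begin, end) starts with self.prefix."""
        top = prefix_end(self.prefix)
        return self.prefix <= begin and (top is None or end <= top)


@dataclass
class Acl:
    grants: Dict[str, List[Rule]] = field(default_factory=dict)
    everyone: List[Rule] = field(default_factory=list)  # rules for all principals
    deny: List[bytes] = field(default_factory=list)     # prefixes nobody may touch

    def allowed_range(self, principal: str, begin: bytes, end: bytes, op: str) -> bool:
        """Decide one range operation. Deny entries win; otherwise the whole
        range must fit inside a single grant that permits op, so a range
        that straddles two tenants' prefixes is refused rather than clipped."""
        if begin >= end:
            raise ValueError("empty or inverted range")
        for d in self.deny:
            if ranges_intersect(begin, end, d, prefix_end(d)):
                return False
        for rule in self.everyone + self.grants.get(principal, []):
            if op in rule.ops and rule.covers(begin, end):
                return True
        return False

    def allowed_key(self, principal: str, key: bytes, op: str) -> bool:
        """Single-key get/set: [key, key + b'\\x00') contains exactly key."""
        return self.allowed_range(principal, key, key + b"\x00", op)


def build_policy() -> Acl:
    """Constructed tenant policy. The tenant prefixes are shaped like
    directory-layer allocations but are made up for this example."""
    rw = frozenset({READ, WRITE})
    ro = frozenset({READ})
    return Acl(
        grants={
            "alice": [Rule(b"\x15\x01", rw)],
            "bob": [Rule(b"\x15\x02", ro)],
        },
        everyone=[Rule(b"\xfe", ro), Rule(b"\xff", ro)],
        deny=[b"\xff\x02"],
    )


if __name__ == "__main__":
    acl = build_policy()
    requests = [
        ("alice", b"\x15\x01", b"\x15\x02", READ),        # her whole prefix: ok
        ("alice", b"\x15\x01", b"\x15\x03", READ),        # straddles bob's: denied
        ("bob", b"\x15\x02k", b"\x15\x02k\x00", WRITE),   # read-only grant: denied
        ("bob", b"\xfe\x00", b"\xfe\x01", READ),          # directory metadata: ok
        ("bob", b"\xff", b"\xff\xff", READ),              # touches \xff\x02: denied
    ]
    for principal, begin, end, op in requests:
        print(principal, op, begin, end, acl.allowed_range(principal, begin, end, op))
```

Two consequences of this shape are worth noticing. Because the deny list is checked first, a read of all of \xff is refused even though \xff is readable by default, so a client that wants system keys must ask for subranges that avoid \xff\x02. And because \xfe is read-only for everyone, a tenant cannot create directories itself; directory creation has to be an operation the proxy performs on the tenant's behalf, which is exactly the "more than a trivial problem" part of ACLing by prefix.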