I am playing around with some privileges in an authdb file when using the unix security 
protocol and I have some questions as to precedence of entries in the file.

In the example of fungible paths, an example is given with:
u * /xrd lr
u = /xrd/users/@=/ a

but in the header of the section there is a line that mentions:
"The privileges associated with first prefix that matches an incoming path name are 
considered to be the applicable privileges."

Assuming that user bob want to write a file at /xrd/user/bob/somefile, why is it that the 
second rule is used, rather than the first, since /xrd is a prefix that matches?

Additionally, can the same identifier be used multiple times?

u bob /some/path lr
u bob /some/path/additional a

or cant this only be done as:
u bob /some/path/additional a /some/path lr