Guard settings control access to the transitions, variables or work lists. If a user possesses any of the permissions or roles specified, or if one of the expressions evaluates as true, then whatever is being guarded is accessible. If no permissions, roles or expressions are specified, access is automatically granted.

You can supply several options in each field by separating them with a semicolon.

The context in which the guards evaluate permissions and roles is obviously important. In the case of transitions and work lists, it depends on the category. If it's worklist, then the context is that of the content object, and local roles will behave just as you'd expect. If the category is global, then the context will be the site root, so the local roles between the site root and the content won't be considered.

[Note: What about variables?]