It's possible to use the anonymous_user_id to set different anonymous users for different siteaccesses so each siteaccess will have a different set of permissions for the anonymous users.
To see how this is configured:
eZ Publish has a varnish.vcl file where you can set the X-User-Hash thta will be used to detect and handle anonymous users cache:
Now, if you use anonymous_user_id to configure multiple anonymous users, how the X-User-Hash should be configured so Varnish will work nicely?
It's important to document this.