On Tue, 29 Dec 2009 15:27:22 CST, "Serge E. Hallyn" said:
> I think i disagree.  A uid is just a uid (or should be).  One day we may
> have a way for a factotum-style daemon to grant the ability to an unpriv
> task to setuid without CAP_SETUID.  I think slingling uids and gids
> around that you already have access to should be fine.

Yes, but not doing the clear and obvious simple thing now for a "one day
we may have" consideration seems a poor engineering tradeoff.

Yes, slinging uids and gids around *would* be nice.  But first we need a clear
plan for making /usr/bin/newgrp a shell builtin - once that happens, *then*
we can re-address this code. ;)