> The program is SETUID to root. If root can't read the device, everyone
> who calls "mount_ados" can it.

I think Chris' original point was lost on you here. Setuid to root (or
any other user) doesn't mean the program unconditionally appears to have
been executable by root (or whatever uid its owned by).  I beleive that
when a program is setuid its "effective" user id is set to that of the binaries
owner.  The process' "real" user id remains that of the user who ran the 
binary.

Anyway as has been pointed out, the problem is with adosfs and not the 
permissions of mount_ados.

> Matthias Scheler
> tron@lyssa.owl.de

Chris.