>struct sockcred {
>	uid_t	sc_uid;			/* real user id */
>	uid_t	sc_euid;		/* effective user id */
>	gid_t	sc_gid;			/* real group id */
>	gid_t	sc_egid;		/* effective group id */
>};

>Really all you need are real and effective user/group ids (that's all
>the rest of userland really has to play with, anyhow).

Yes the id's are all that the kernel check, but the login name can still be
useful - for logging if nothing else.

Also, I think something like this would be more useful if there were
provision for an opaque token of some reasonable length.  I'm
thinking of when we are all trying to implement single sign-on and 
wanting to pass digitally signed tokens about...

Of course that is getting right away from the original idea :-)

--sjg