Subject: Re: open_as vs fuid
To: matthew green <mrg@eterna.com.au>
From: Andrew Brown <atatat@atatdot.net>
List: tech-kern
Date: 11/06/2000 00:06:06
>   Has ANYONE in this thread considered that we already have a possibly more
>   secure mechanism for this, that could be combined simultaneously with
>   authentication for use by a non-suid program?
>   
>   See unix(4) and its description of passing fd's via a "cmsghdr".
>
>how does this fix ping & traceroute as they currently stand?

they could be changed to do this:

int
main(int argc, char *argv[])
{
	/* various declarations */
	int p[2];
	pipe(p);
	switch (fork()) {
	case -1:	err(1, "fork");
	case 0:		close(p[1]); suid_function(); exit(0);
	default:	close(p[0]); setuid(getuid()); break;
	}
...

and then it could repeatedly ask for the sockets that it needs,
without you having to audit anything except suid_function().

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."
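
Added example (not part of the original message, and not NetBSD's ping or traceroute code): a runnable version of the split sketched above, where the forked child stands in for suid_function() and hands a socket to the privilege-dropped parent as SCM_RIGHTS control data, per unix(4). Assumptions: the channel is a socketpair(2), since descriptor passing needs a unix(4) socket; a UDP socket stands in for the raw socket so the example runs unprivileged; send_fd, recv_fd and request_socket are illustrative names.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Send descriptor fd over the unix(4) socket chan as SCM_RIGHTS data. */
static int send_fd(int chan, int fd) {
	char byte = 0, buf[CMSG_SPACE(sizeof(int))];
	struct iovec iov = { &byte, 1 };
	struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
	    .msg_control = buf, .msg_controllen = sizeof(buf) };
	memset(buf, 0, sizeof(buf));
	struct cmsghdr *c = CMSG_FIRSTHDR(&m);
	c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
	c->cmsg_len = CMSG_LEN(sizeof(int));
	memcpy(CMSG_DATA(c), &fd, sizeof(int));
	return sendmsg(chan, &m, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor from chan; -1 if no SCM_RIGHTS message arrived. */
static int recv_fd(int chan) {
	char byte, buf[CMSG_SPACE(sizeof(int))];
	struct iovec iov = { &byte, 1 };
	struct msghdr m = { .msg_iov = &iov, .msg_iovlen = 1,
	    .msg_control = buf, .msg_controllen = sizeof(buf) };
	int fd = -1;
	if (recvmsg(chan, &m, 0) != 1) return -1;
	struct cmsghdr *c = CMSG_FIRSTHDR(&m);
	if (c && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS)
		memcpy(&fd, CMSG_DATA(c), sizeof(int));
	return fd;
}

/* Child = stand-in for suid_function(); parent drops privileges, gets the fd. */
int request_socket(void) {
	int sp[2], fd; pid_t pid;
	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0 || (pid = fork()) < 0) return -1;
	if (pid == 0) {	/* privileged side; a real ping would open SOCK_RAW */
		int s = socket(AF_INET, SOCK_DGRAM, 0);
		_exit(s < 0 || send_fd(sp[0], s) < 0);
	}
	close(sp[0]);
	if (setuid(getuid()) < 0) return -1;	/* stop if the drop fails */
	fd = recv_fd(sp[1]);
	close(sp[1]); waitpid(pid, NULL, 0);
	return fd;
}

int main(void) { return request_socket() < 0; }
```

The parent checks the return value of setuid() before it touches the channel, so a failed drop never leaves it running with the helper's privileges.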