Thanks for the feedback David.  I've adopted your recommendations.

David Laight wrote:

> NFS loads user credentials directly, to be absolutely sure
> root privileged are not checked by mistake the 'e' and 'sv'
> fields should be set to be the same as the 'r' one.

I was hoping to develop an interface in conjunction with ACLs
that would allow the credentials to be checked without frobbing
the inner details of the ucred structure.  Little steps...

> In sys_execve (kern_exec.c) and fork1 (kern_fork.c) you are
> calling crcopy() when the cred structure is unchanged.
> This stops structure being shared.....

You're right about fork1().  sys_execve() preserves existing
behaviour.
 
> Why did you use memcpy() instead of structure assignment in
> crdup and crcopy?

I don't like structure assignments.

	-- Gregory McGarry <g.mcgarry@ieee.org>