>>> [U]sing sockets for kernel/userland messages makes a lot of sense.
>> It does.
> Socket interfaces are fine, but they are not convenient to delegate
> to unprivileged users.

They are if they are properly designed.  For example...

> A character device, however, you can "chmod 600 /dev/dev0 ; chown
> dyoung /dev/dev0".

Yes.  Now, if an ioctl on /dev/dev0 takes as (part of?) its argument
one of a pair of connected sockets, taking over that socket as the
kernel end of the communication, then you have the flexible access
control of a device with the interface utility of a socket.

I would have thought the rest of my note described what I did in
sufficient detail to make this clear.  (The project I worked on didn't
use a character device, but that was because of the nature of the
desired interface.)

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B