Bill Studenmund wrote:
> > 3) There's nothing preventing the authenticator from giving the kernel
> > some data before exec. Of course the standard method of passing data
> > from the authenticator to the final process is through env[]. This
> > however doesn't prevent you to pass data any other way, like a pipe, or
> > set some tokens before exec for your Kerberos or AFS in the kernelin my
> > understanding.
> 
> It's not set some tokens before exec, it's set some tokens in the original
> process. It's already running, so do-before-exec actions won't help.

Okay then, what's preventing you from do-after-exec actions?