On Sun, Nov 05, 2000 at 07:47:04PM -0500, Todd Vierling wrote:
> 
> Has ANYONE in this thread considered that we already have a possibly more
> secure mechanism for this, that could be combined simultaneously with
> authentication for use by a non-suid program?
> 
> See unix(4) and its description of passing fd's via a "cmsghdr".

Uh, hello, that's *exactly* what I've been proposing all along: exec
a small program that only your program can run (because it's group-execute
only, and your program's setgid that group) that is setuid root; the small,
easily verified program gets the descriptor you want and passes it back to
you.