> *** Warning only the truly security PARANOIDs will like this ***
>
> Forcing registraction with a "machine assigned" magic cookie
> in each binary before it could access superuser functions in the
> kernel. With ever increasing security risks both system dependend
> and indepenend. For example rogue Java scripts and programs,
> viruses and the like specific to Linux (not that i have ever
> seen such an animal).
>
> The kernel would require machine dependent magic cookie to be
> registered before programs would be allowed to access to suser
> functions, The following are examples of programs that would
> require modifications to run in this secure invironment
> .i.e. fdformat, fdisk, setserial, etc. Once compiled the binaries
> would be stored in a secure place (a non-loaded floppy disk)
Using securelevel and the immutable attribute of ext2 would solve
your problem without your suggestion's problems.
Ralf