But it's still SUID. Now you'd have SUID shared libraries
-- yuck! What's wrong with a client/server model? Define
protocols and implement some means of passing resources
(such as open file handles) and delegating privileges
(such as access to a given "privileged" TCP port).
>From a security model, there's no real difference between a Protected
Shared Library and a client/server model where the server is running as
root. Think about it....
In fact, if you're depending on "privileged" TCP port, a client/server
model would be *less* secure than a properly done PSL....
- Ted