> How will donning the role be done? As Jim points out, each operation > should be controlled through an authorization (or not in the case of > read operations that don't require any restricted access). Does the > library fork a process under a new role if it detects that the caller > has the appropriate authorization?
I really hope it doesn't come to that; fork() and libraries rarely mix. -- meem
