[EMAIL PROTECTED] writes:
> all processes with the same uid can potentially influence each other
> by modifying files in the home directory - as the home directory is normally
> used to find [references to] resources, via dotfiles and the like.

... unless there is no home directory.  At least, no home directory
which can be accessed using only the "UNIX UID" as a credential.  IMHO
this is the sensible approach for AFS/Coda and similar systems.

I'd worry more about various IPC and shared-memory facilities -- for
example you can attach a debugger to any other process with the same
UID.

A possible solution is to synthesize a new UNIX UID for each login
shell (could probably be done in a PAM session module) and reclaim
them when the user logs out.  If the only publicly writable space on
local disk is /tmp, this should be easy to clean up after.

  - a
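As an added illustration of the per-login UID idea above (example code, not part of this thread or any PAM module): the bookkeeping a session module would keep is modelled in Python over a constructed passwd table so it runs offline. The UID range 60000-60999, the `SessionUidPool` class and the sample passwd and /tmp listing are assumptions for the example; a real module would do this in C against the live account database.

```python
"""Per-login synthetic UID allocation, modelled in Python (added example).

A PAM session module would allocate a fresh UID at login and reclaim it at
logout; this models the allocator's state against a constructed passwd table.
"""
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Set, Tuple

# Assumption: a UID range reserved for session UIDs, never used for real accounts.
SESSION_UID_MIN = 60000
SESSION_UID_MAX = 60999

# Constructed passwd(5) table; note one real account already sits in the range.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/sh
bob:x:1001:1001:Bob:/home/bob:/bin/sh
svc:x:60003:60003:service:/nonexistent:/usr/sbin/nologin
"""


def passwd_uids(passwd_text: str) -> Set[int]:
    """Collect the UIDs already assigned in a passwd-format table."""
    uids: Set[int] = set()
    for line in passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 3:
            continue  # skip malformed entries rather than crash the allocator
        uids.add(int(fields[2]))
    return uids


@dataclass
class SessionUidPool:
    """Hands out one fresh UID per login session and takes it back at logout."""
    reserved: Set[int]                                    # UIDs real accounts own
    active: Dict[int, str] = field(default_factory=dict)  # session uid -> login name

    @classmethod
    def from_passwd(cls, passwd_text: str) -> "SessionUidPool":
        return cls(reserved=passwd_uids(passwd_text))

    def allocate(self, login_name: str) -> int:
        """Return the lowest UID in the range that no account or session holds."""
        for uid in range(SESSION_UID_MIN, SESSION_UID_MAX + 1):
            if uid in self.reserved or uid in self.active:
                continue
            self.active[uid] = login_name
            return uid
        raise RuntimeError("session UID range exhausted")

    def release(self, uid: int) -> str:
        """Reclaim a session UID at logout; returns the login name it served."""
        if uid not in self.active:
            raise KeyError(f"uid {uid} is not an active session uid")
        return self.active.pop(uid)

    def owner(self, uid: int) -> str:
        """Login name currently behind a session UID."""
        return self.active[uid]


def stale_tmp_entries(listing: Iterable[Tuple[str, int]], uid: int) -> List[str]:
    """Paths still owned by a released UID, i.e. what logout must clean up.

    `listing` is (path, owner_uid) pairs, as os.scandir plus stat would give
    for /tmp; a constructed list is used here so nothing touches the disk.
    """
    return [path for path, owner in listing if owner == uid]


if __name__ == "__main__":
    pool = SessionUidPool.from_passwd(SAMPLE_PASSWD)
    first = pool.allocate("alice")
    second = pool.allocate("alice")  # same person, second shell, different uid
    print(first, second, pool.owner(second))
    pool.release(second)
    # Constructed /tmp listing: (path, owner uid)
    tmp = [("/tmp/ssh-XXXX", first), ("/tmp/krb5cc_s2", second), ("/tmp/.X11-unix", 0)]
    print(stale_tmp_entries(tmp, second))
```

Two shells of the same person get different UIDs, so neither can ptrace or signal the other, and the only thing logout has to sweep is whatever the released UID left in /tmp.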
