After consolidating all of the lock code into a "refresh" method, I realized that there are some pretty big races in the group/passwd code. You can't just protect the reading of the buffers against multiple access, you have to protect all operations which manipulate the passwd/group buffers since they could be changed out from under you otherwise.
So, I will have another revamp coming shortly. cgf