I've considered doing something like this myself in the past but I always end up with something that isn't actually any easier to use than fork/exec or these days posix_spawn(3C)/posix_spawnp(3C).
Scott's comment about being able to specify privs and uids is a useful one and one that Nico and I have talked about in the past. posix_spawn(3C) already allows specifying the uid/gid of the child using posix_spawn_file_actions_t. I believe it should be possible for us to add new actions to cover privilege sets, especially since there are already two _NP (non-portable) extensions defined in Solaris.

The one case that this really helps with is the snprintf(buf, ...); system(buf); where we have a single char* rather than an argv[][] style array of arguments. I think it would be better to work on enhancing posix_spawn() and/or providing a variant of it that took a char* rather than argv or varargs style. posix_spawn() is already very close to what you want anyway.

-- Darren J Moffat
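
Added example, not part of the original message: the snprintf(buf, ...); system(buf); case rewritten to pass an argv array to posix_spawnp(), so a value containing shell metacharacters reaches the child as one literal argument. The helper name spawn_capture() and the sample argument are assumptions constructed for illustration.

```c
#include <spawn.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;

/* spawn_capture() is a hypothetical helper, not an existing API. It runs
 * argv[0] via posix_spawnp() with no shell, copies the child's stdout into
 * out (truncating), and returns the exit status or -1 on any failure. */
int spawn_capture(char *const argv[], char *out, size_t outlen)
{
    posix_spawn_file_actions_t fa;
    int pfd[2], rc, status;
    size_t used = 0;
    ssize_t n;
    pid_t pid;

    if (outlen == 0 || pipe(pfd) != 0)
        return -1;
    /* Child: stdout becomes the pipe's write end; close the originals. */
    rc = posix_spawn_file_actions_init(&fa);
    if (rc == 0) {
        posix_spawn_file_actions_adddup2(&fa, pfd[1], STDOUT_FILENO);
        posix_spawn_file_actions_addclose(&fa, pfd[0]);
        posix_spawn_file_actions_addclose(&fa, pfd[1]);
        rc = posix_spawnp(&pid, argv[0], &fa, NULL, argv, environ);
        posix_spawn_file_actions_destroy(&fa);
    }
    close(pfd[1]);
    while (rc == 0 && used < outlen - 1 &&
           (n = read(pfd[0], out + used, outlen - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    close(pfd[0]);
    if (rc != 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* Constructed input: a value a shell would split and expand. */
    char *const argv[] = { "printf", "%s\n", "a; echo INJECTED $(id)", NULL };
    char out[128] = "";
    int rc = spawn_capture(argv, out, sizeof out);
    printf("exit=%d bytes=%zu output=%s", rc, strlen(out), out);
    return 0;
}
```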