Although this is an interesting idea, I have misgivings about running even temporarily with any sort of extra privileges; C++ executables in particular may run a fair bit of code from static objects' constructors before main() ever starts.
I would counter-propose introducing some sort of ELF tag that ld could set and the kernel and ld.so could check; while this would be more involved, it would be less hackish and would avoid introducing new potential vulnerabilities. -- Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org) http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/[EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]