I'm wondering about this problem. If you have a server process running, which you launched under your admin or root account, and a client application executes code on the server, say a system call, the server process will execute that system call as the admin or root instead of the user of the client application. Is it possible to switch users or run the above mentioned system call as the user who is running the client application? Thanks for any ideas. I'm still searching the groups and web for this information. This seems to be a common problem, so there must be a worked out solution already. Thank you.
This is not something that you can do in pure Java. To do this in C, you'd either have to start a sub-process to handle each client request, or you'd have to have a single-threaded server that switched EUIDs for each client. In Java, the first alternative is certainly open to you; you'd need to fork the children through a small "glue" program wihch would do the the seteuid() call, then start the JVM. As far as the second alternative: I'm not sure if this would work or not, but you could certainly try it: write a native method wrapper for seteuid(), and then make sure you only handled client requests on a single thread.