(In reply to comment #17)
> If you can get this working well and securely, I'm happy to
> review/merge.
On the other hand, I still think a more appropriate solution to the problem you outlined on the mailing list and in your git repository (dynamically-allocated users/groups without editing /etc) would be to install a nss module that understands those users/groups; or if your libc doesn't have pluggable nss, modify your libc to know about them directly, like Android's Bionic libc.
If this feature request can't be satisfied in a way that is clearly secure, I'm afraid I would prefer not to satisfy it at all.
(In reply to comment #17)
> If you can get this working well and securely, I'm happy to
> review/merge.
On the other hand, I still think a more appropriate solution to the problem you outlined on the mailing list and in your git repository (dynamically- allocated users/groups without editing /etc) would be to install a nss module that understands those users/groups; or if your libc doesn't have pluggable nss, modify your libc to know about them directly, like Android's Bionic libc.
If this feature request can't be satisfied in a way that is clearly secure, I'm afraid I would prefer not to satisfy it at all.