Has the start-stop-daemon been hacked so that it can start servers
with no privs yet? If not, that might be a cool project for someone
looking to enhance an important app.
For those not so familiar, start-stop-daemon is used by various init
scripts to make sure the PID is recorded, and that the daemon is
started with the correct priviledges.
I haven't thought about this much, but it would be interesting to look
at how the scripts are written. If a daemon offers Hurdish
authentication features, it should be started with no privs. If it
does not, than it should be started with traditional privs.
Anyhow, it's something to hack on if someone has the time.
Abandon the search for truth; settle for a good fantasy.