@pid_eins That sounds like a nice and clean solution. As far as I understand, this is also basically how privilege escalation is done on Windows, as opposed to the suid mechanism.