- * We are running ruid=user, euid=daemon. So far we have been
- * messing around in the spool directory, so we needed the
- * daemon stuff. Now, we want to read the users file,
- * so we must give up the daemon protection, but we might
- * need the daemon's protection if the user interrupts and
- * we need to remove the spool files.
- * So, we fork and let the kid set the real and effective
- * user id's to the user, so he can read everything of his
- * own, but not his professor's final exam and not stuff
- * owned by daemon. If the kid exits with non-zero status,
- * that means that the user typed interrupt, and the parent
- * (still with daemon permissions) removes the spool file.
+ * We are running ruid=user, euid=spool owner. So far we have been
+ * messing around in the spool directory, so we needed to run
+ * as the owner of the spool directory.
+ * We now need to switch to the user's effective uid
+ * to simplify permission checking. However, we fork first,
+ * so that we can clean up if interrupted.