HP WBEM Services Software Developer's Kit for HP-UX Provider and Client Developer's Guide A.01
Provider Implementation
Provider Design Considerations
Chapter 4 69
As previously mentioned, providers run under the root user ID.
Providers must use the username to determine whether the user has
permission to perform the requested operation. This determination must
be made in addition to the namespace authorization that the CIM Server
may have performed. The provider must not perform any operation that
would be unauthorized for the user on whose behalf it is executing the
request. While it may seem technically possible, setuid() must never be
called in the provider process, since other requests may be running
concurrently in other threads (in the same provider or in others that may
be loaded in the same process context). If done in a thread-safe manner,
it is permissible to create a separate process under a specific user ID.
This may be an appropriate design strategy in cases where it is the most
or only reliable means of ensuring secure operation. Care should be
taken to consider performance and resource utilization.
If needed for additional authorization, the namespace of the target object
can be obtained from the object identification parameter of the request,
as in the API documentation of the HP WBEM Services SDK, in the
/opt/wbem/html directory.