However, you can currently set the primary group of a user to 'root', and then AOLserver will run with the group set to 'root'. Are there any problems with this? I have a patch for AOLserver that disallows this, and also allows only valid groups the user is in, but I have yet to submit it.