XXX: Should have two parts - one that talks the network protocol, the other executing requests. Front-end to run chrooted w/o privilege.
XXX: Whenever possible, impersonate the client user
XXX: Section - Dropping privilege
