In general, I agree with russ.  The best way to do it
would be to not have to run as alice or to run the
httpd as alice.  The latter requires changing it to
avoid the 'becomenone' routine and have alice start
it herself.  You could run arbitrarily many httpd's
just by using the -a option and specifying a different
port to listen for each, e.g. -a tcp!*!8000.

------

As rsc pointed out, you can take a hint from our
mail system.  Smtpd runs as none but can deliver
mail into anyones mail file.  The files are
protected alrw--w--w-, i.e., append only, exclusive
access and writeable by anyone.  I have a lock file in addition
to the mbox.  The lock file, is protected alrw-rw-rw-.
When I want to do anything to the mail box, I:

	/* try to set the lock */
	for(tries=0; tries < Maxtries && (lock=open(L.mbox))<0; tries++)
		sleep(some time);
	if(lock < 0)
		fatal("getting lock");

	/* affect/read mail box */
	...

	/* unlock */
	close(lock);

I still leave the 'l' bit on the mailbox to catch
any stupid accidents.

You could do something similar, except you'ld probably
want to make your alice file alrw-rw-rw-.

That's what I did with mail anyways...

------

You could also go nuts and run a server
as alice and have one of the httpd magic
files pass requests to it.  I think this
is overkill but doable.  Rsc's idea of
a alicefs is just a special case of this.
The problem here though is getting the
server's running as alice every reboot.
You'ld probably need cron to start if
for you if it wasn't already started.