> FWIW this is already how Debian (and presumably other distros') tor packages work: tor runs as a dedicated user. Already it is possible to grant other users access to the control port (from which they can already create and remove hidden services). The reason why HS applications that create their own HSes generally run their own instance of tor as their own uid is that the hidden service data (key and hostname) written by tor is currently only readable by the tor user. There is another patch to address this issue (in progress or possibly already merged, sorry I'm not looking up the ticket right now) to

Already merged in 2.6.x.

> allow this data to be written with permissions for another group to read it, but this ephemeral HS plan of delivering the information over the control port is obviously much better/more flexible.
>
> From Valencia, ~leif

From Valencia... the other end of the table from Leif in the same tiny room.
David