setgid
sets the effective group ID of the current process. If the caller is the
superuser, the real and saved group ID's are also set.
Under Linux,
setgid
is implemented like the POSIX version with the _POSIX_SAVED_IDS feature.
This allows a setgid (other than root) program to drop all of its group
privileges, do some un-privileged work, and then re-engage the original
effective group ID in a secure manner.
If the user is root or the program is setgid root, special care must be
taken. The
setgid
function checks the effective gid of the caller and if it is the superuser,
all process related group ID's are set to
gid .
After this has occurred, it is impossible for the program to regain root
privileges.
Thus, a setgid-root program wishing to temporarily drop root
privileges, assume the identity of a non-root group, and then regain
root privileges afterwards cannot use
setgid .
You can accomplish this with the (non-POSIX, BSD) call
setegid .