Subject: Using setgroups() as unprivileged user
To: None <tech-userlevel@NetBSD.org>
From: Roland Illig <firstname.lastname@example.org>
Date: 12/03/2006 07:29:45
playing around a bit with setgroups(2), I noticed that it cannot be used
by an unprivileged user to drop group membership, since the getgroups(2)
system call is restricted to users with the proper privileges. This is a
common behavior among NetBSD, Linux, Solaris, IRIX, and probably many more.
So how can I drop the membership to additional groups?