Subject: Using setgroups() as unprivileged user
To: None <>
From: Roland Illig <>
List: tech-userlevel
Date: 12/03/2006 07:29:45

playing around a bit with setgroups(2), I noticed that it cannot be used 
by an unprivileged user to drop group membership, since the getgroups(2) 
system call is restricted to users with the proper privileges. This is a 
common behavior among NetBSD, Linux, Solaris, IRIX, and probably many more.

So how can I drop the membership to additional groups?