setgid - set group identity


       #include <unistd.h>

       int setgid(gid_t gid)


       setgid sets the effective group ID of the current process.
       If the caller is the superuser, the real and  saved  group
       ID's are also set.

       Under  Linux, setgid is implemented like the POSIX version
       with the _POSIX_SAVED_IDS feature.  This allows  a  setgid
       (other  than root) program to drop all of its group privi­
       leges, do some un-privileged work, and then re-engage  the
       original effective group ID in a secure manner.

       If the user is root or the program is setgid root, special
       care must be taken. The setgid function checks the  effec­
       tive  gid  of  the  caller and if it is the superuser, all
       process related group ID's are set to gid.  After this has
       occurred,  it is impossible for the program to regain root

       Thus, a setgid-root program wishing  to  temporarily  drop
       root  privileges, assume the identity of a non-root group,
       and then regain root privileges afterwards cannot use set­
       gid.   You  can  accomplish this with the (non-POSIX, BSD)
       call setegid.


       On success, zero is returned.  On error, -1  is  returned,
       and errno is set appropriately.


       EPERM  The  user  is  not the super-user, and gid does not
              match the effective group ID or saved  set-group-ID
              of the calling process.


       SVr4, SVID.


       getgid(2), setregid(2), setegid(2)