DESCRIPTION

     setgid sets the effective group ID of the  current  process.
     If  the  caller  is  the superuser, the real and saved group
     ID's are also set.

     Under Linux, setgid is implemented like  the  POSIX  version
     with  the  _POSIX_SAVED_IDS  feature.   This allows a setgid
     (other  than  root)  program  to  drop  all  of  its   group
     privileges,  do  some un-privileged work, and then re-engage
     the original effective group ID in a secure manner.

     If the user is root or the program is setgid  root,  special
     care must be taken. The setgid function checks the effective
     gid of the caller and if it is the  superuser,  all  process
     related group ID's are set to gid.  After this has occurred,
     it is impossible for the program to regain root privileges.

     Thus, a setgid-root program wishing to temporarily drop root
     privileges,  assume  the  identity  of a non-root group, and
     then regain root privileges afterwards  cannot  use  setgid.
     You  can  accomplish  this  with  the  (non-POSIX, BSD) call
     setegid.

RETURN VALUE

     On success, zero is returned.  On error, -1 is returned, and
     errno is set appropriately.

ERRORS

     EPERM   The user is not the super-user,  and  gid  does  not
             match the effective or saved group ID of the calling
             process.

CONFORMING TO

     SVr4, SVID.

SEE ALSO

     getgid(2), setregid(2), setegid(2)