in reply to Dropping Privileges

If you read perlvar carefully it covers this:

Similarly, a value assigned to $) must also be a space-separated list of numbers. The first number sets the effective gid, and the rest (if any) are passed to setgroups(). To get the effect of an empty list for setgroups(), just repeat the new effective gid; that is, to force an effective gid of 5 and an effectively empty setgroups() list, say $) = "5 5".

So you probably want "$gid $gid" to drop all groups but $gid. And the truly paranoid will check $! afterwards . . .

Replies are listed 'Best First'.
Re^2: Dropping Privileges
by markg (Novice) on Sep 09, 2006 at 06:26 UTC
    Thanks Fletch. I had read perlvar on $( which doesn't mention how to set the groups. I guess I skimmed over $). Apparently, you have to set the group first as well. I had tried something similar to "5 5" without luck, but I now see it was the order.
[reply]

In Section Seekers of Perl Wisdom