#819 Missing call to setgroups before setuid (POS36-C)

[jcsl]

Hi.

Building LXDM in the openSUSE Build Service the output reports a security related problem:

lxdm.x86_64: W: missing-call-to-setgroups-before-setuid /usr/bin/lxdm-config
This executable is calling setuid and setgid without setgroups or initgroups.
There is a high probability this means it didn't relinquish all groups, and
this would be a potential security issue to be fixed. Seek POS36-C on the web
for details about the problem.

I don't know if it is something important or not, but I want to notify it here just in case it is.

Greetings.