File nsca-clean-setgroups.patch of Package nsca

Index: nsca-2.10.0/src/nsca.c
===================================================================
--- nsca-2.10.0.orig/src/nsca.c
+++ nsca-2.10.0/src/nsca.c
@@ -1606,6 +1606,14 @@ static int drop_privileges(const char *u
 	if(getuid()!=0)
 		return OK;
 
+    // When dropping privileges from root, the `setgroups` call will
+    // remove any extraneous groups. If we don't call this, then
+    // even though our uid has dropped, we may still have groups
+    // that enable us to do super-user things. This will fail if we
+    // aren't root, so don't bother checking the return value, this
+    // is just done as an optimistic privilege dropping function.
+    setgroups(0, NULL);
+
 	/* set effective group ID if other than current EGID */
 	if(gid!=getegid()){
 		if(setgid(gid)==-1){