--- kismet-2007-01-R1b/kismet_server.cc.setgroups	2007-01-06 09:08:59.000000000 +0100
+++ kismet-2007-01-R1b/kismet_server.cc	2007-02-03 23:33:12.000000000 +0100
@@ -28,6 +28,7 @@
 #include <stdlib.h>
 #include <signal.h>
 #include <pwd.h>
+#include <grp.h>
 #include <string>
 #include <vector>
 
@@ -2506,6 +2507,11 @@
         exit(1);
     }
 
+    if (setgroups(0,0) < 0) {
+	fprintf(stderr, "FATAL: setgroups() failed: %m.\n");
+	exit(1);
+    }
+
     if (setuid(suid_id) < 0) {
         fprintf(stderr, "FATAL:  setuid() to %s (%d) failed.\n", suid_user, suid_id);
         exit(1);
--- kismet-2007-01-R1b/kismet_drone.cc.setgroups	2006-04-13 00:42:59.000000000 +0200
+++ kismet-2007-01-R1b/kismet_drone.cc	2007-02-03 23:35:45.000000000 +0100
@@ -26,6 +26,7 @@
 #include <stdlib.h>
 #include <signal.h>
 #include <pwd.h>
+#include <grp.h>
 #include <string>
 #include <vector>
 
@@ -298,6 +299,7 @@
     struct passwd *pwordent;
     const char *suid_user;
     uid_t suid_id, real_uid;
+    gid_t suid_gid;
 
     real_uid = getuid();
 
@@ -308,7 +310,8 @@
             fprintf(stderr, "        Make sure you have a valid user set for 'suiduser' in your config.\n");
             exit(1);
         } else {
-            suid_id = pwordent->pw_uid;
+            suid_id  = pwordent->pw_uid;
+            suid_gid = pwordent->pw_gid;
 
             if (suid_id == 0) {
                 // If we're suiding to root...
@@ -516,6 +519,16 @@
     // logfiles as root if we can avoid it.  Once we've dropped, we'll investigate our
     // sources again and open any defered
 #ifdef HAVE_SUID
+    if (setgid(suid_gid) < 0) {
+	fprintf(stderr, "FATAL:  setgid() to %d failed: %m\n", suid_gid);
+	exit(1);
+    }
+
+    if (setgroups(0,0) < 0) {
+	fprintf(stderr, "FATAL: setgroups() failed: %m\n");
+	exit(1);
+    }
+
     if (setuid(suid_id) < 0) {
         fprintf(stderr, "FATAL:  setuid() to %s (%d) failed.\n", suid_user, suid_id);
         exit(1);