--- tmux.c.orig	2010-07-19 07:07:06.311243142 +0200
+++ tmux.c	2010-07-19 07:08:54.969213735 +0200
@@ -185,9 +185,10 @@
 {
 	char		base[MAXPATHLEN], *path;
 	struct stat	sb;
-	u_int		uid;
+	u_int		uid,gid;
 
 	uid = getuid();
+    gid = getgid();
 	xsnprintf(base, MAXPATHLEN, "%s/tmux-%d", _PATH_TMP, uid);
 
 	if (mkdir(base, S_IRWXU) != 0 && errno != EEXIST)
@@ -203,6 +204,9 @@
 		errno = EACCES;
 		return (NULL);
 	}
+    /* drop unnecessary privileges */
+    if (setresgid(gid, gid, gid) != 0)
+        return (NULL);
 
 	xasprintf(&path, "%s/%s", base, label);
 	return (path);