Wednesday, 13 February 2013

Running a wxWidgets/GTK+ setgid application

When trying to run a wxWidgets/GTK+ setgid application, you'll get the following error message:

(process:XXXX): Gtk-WARNING **: This process is currently running
setuid or setgid.
This is not a supported use of GTK+. You must create a helper
program instead. For further details, see:

http://www.gtk.org/setuid.html

Refusing to initialize GTK+.

While I agree that a GUI application should not run as setuid, I do believe there are good reasons for running a setgid GUI application.

To work around this issue, it is possible to set the real group ID to the effective group ID before GTK+ is initialized.
Sadly, wxWidgets does not provide any means of adding code before the GTK+ initialization.

It is still possible to use the GCC constructor attribute:

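#include <unistd.h> /* setregid(), getegid() */
void gtk_init_hack(void) __attribute__((constructor));
/* Runs before main(): set the real GID to the effective GID; -1 leaves the effective GID unchanged. */
void gtk_init_hack(void) { setregid(getegid(), (gid_t)-1); }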

The only drawback is that any files or folders the application creates will belong to the same group as the setgid application. This can be fixed with a chown() call afterwards.