I have an Apache2 CGI executable trying to use setgid()/setuid(). But it fails switching to root. How do I fix that issue?

My [CGI executable starts as expected](https://askubuntu.com/questions/547414/running-binary-cgi-on-apache2/1421670#1421670) . At some point, though, it tries to become root (and then yet a different user). At that point, the CGI fails. Here is the pertinent code snippet: [...] int const pid(fork()); if(pid == 0) { if(setgid(0) == -1) // <-- this fails. { std::cerr << "error: cannot become the \"root\" group.\n"; exit(0); } [...] I was thinking it could have something to do with the systemd [NoNewPrivileges](https://www.freedesktop.org/software/systemd/man/systemd.exec.html) parameter. That parameter is set to false by default and it does not appear in the Apache2 .service file. So I'm wondering what I could try next to make it all work. Here is the apache2.service file (on Ubuntu 20.04): [Unit] Description=The Apache HTTP Server After=network.target remote-fs.target nss-lookup.target Documentation=https://httpd.apache.org/docs/2.4/ [Service] Type=forking Environment=APACHE_STARTED_BY_SYSTEMD=true ExecStart=/usr/sbin/apachectl start ExecStop=/usr/sbin/apachectl stop ExecReload=/usr/sbin/apachectl graceful PrivateTmp=true Restart=on-abort [Install] WantedBy=multi-user.target and we can see that NoNewPrivileges is not set, nor [a field with a similar side effect as listed on Freedesktop](https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Security) . How do I get the setuid()/setgid() functions to work in newer versions of Apache2?