Dropping privileges

How to avoid problems when writing programs that are setXid?  Simple:

Gain access to whatever protected resources you need as early as possible.
Open protected files, create a raw socket, bind a low port, etc

Drop your enhanced privs using the set*id system calls

Do whatever needs doing