Fork method

Fork and run setgid/setuid to be sure you don't have any extra privs.

   pid = fork();
   if ( pid > 0 ) {
   	/* parent, let's just wait */
        waitpid( pid, &status, 0);
   } elsif ( pid == 0 ) {
        /* child - become the actual user */
        setgid( gid );
        setuid( uid );
        /* setgroups() or initgroups() may be appropriate here */

        if ( gid != getgid() or uid != getuid() ) { diehorribly(); }

        /* do stuff as the unprivileged user here*/
        execl("/usr/bin/vi", "vi", "/tmp/somefile", NULL)

   } else {
        diehorribly("");
   }