Filesystem uids / gids

Each process has a 'filesystem' uid and gid.

All file access restrictions are actually checked against fsuid / fsgid.

Files are created with fsuid / fsgid ownership.

fsuid and fsgid are always changed to whatever euid and egid are set to whenever euid/egid are changed.

The setfsuid and setfsgid calls can be used to change these values.
New fsuid must be same as uid, euid, or suid.
New fsgid must be same as gid, egid, or sgid.

Very very few programs use these system calls.
NFS server
Some Spagetti code I wrote very very long ago....