setuid()/seteuid() return code is not checked, allowing user to bypass protection by exhausting user limits.
vulners.com/securityvulns/securityvulns:doc:13808
vulners.com/securityvulns/securityvulns:doc:13853