Suricata

POSIX requires that all pthread of a process have the same uid and gid (man ntpl, man setuid). Linux implements this.

If you change the uid of one thread, the pids of all others are synchronised. In util-privs.c we have two functions:

• SCDropMainThreadCaps()
  Drops privileges for mainthread at startup and therefore for all threads.
• SCDropCaps()

SCDropCaps() currently does nothing (body disabled via #if 0 preprocessor macro), but gets called at several points in the code.
I would suggest to remove the function definition and its calls.

Any opinions, thoughts on this?