Thanks for your reply.
You are providing a program with an additional gid. The program has not been coded be aware of that gid. Two potentially different filesystem views now exist within the program, depending on the g=rwx bits of directories and files in the tree. The program is no longer operating in a world-view it was designed for.
Could you be more precise on this point? I mean: if I correctly understand, you said that this can induce unwanted behavior due to the fact that, for example, firefox suppose it has the uid and gid of the user who launch it (and not a different egid)?
If I'am right, does this can really mater if the egid is the one of a group that only own one (executable) file in the whole system whith only read and execute permission on it?
