You seem to be equating the setgid bit with the concept of "start a
process with a different gid".
No, that's not what it does. The setgid bit starts a new executable
with a disjoint mix of effective, saved, and real gid list, as well as
a gidlist.
Maybe it was not clear in my message but: no, I know that the setgid
change only the egid of a process and keep the gid, and the list of
other groups intact.
And that may have consequences.
This is exacly my question: which type of consequences in the case of an
executable with the setgid bit set and owned by a group that only own
this file and have only read and execute permission?
I'm not saying I'm better than others or that I can imagine all possible
consequences of this practise, I only want to have an example and better
understand why this is a dangerous practise with another answer than
simply "this is bad", "this is dangerous" or "you are crazy". This is
certainly true if you said so, but I want to know "why" and "how".
My motivation is simply curiosity. If I can't have an answer, well, I
will experiment with ls as you said until I found one day my answer.
