diff --git a/ChangeLog b/ChangeLog
index bf57c49..ca597bf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+vNEXT:
+ Call setgroups() before setgid() (fixes potential
+ privilege escalation).
+ (Lars Vogdt)
+
 v1.16: 11FEB2014
 Probes made more resilient, to incoming data containing NULLs. Also made them behave properly
diff --git a/common.c b/common.c
index 963fa4c..a297176 100644
--- a/common.c
+++ b/common.c
@@ -6,6 +6,7 @@
 #define _GNU_SOURCE
 #include
+#include
 #include "common.h"
 #include "probe.h"
@@ -578,6 +579,13 @@ void drop_privileges(const char* user_name)
 set_keepcaps(1);
+ /* remove extraneous groups in case we belong to several extra groups that
+ * may have unwanted rights. If non-root when calling setgroups(), it
+ * fails, which is fine because... we have no unwanted rights
+ * (see POS36-C for security context)
+ * */
+ setgroups(0, NULL);
+
 res = setgid(pw->pw_gid);
 CHECK_RES_DIE(res, "setgid");
 res = setuid(pw->pw_uid);
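Review bot: The return value of `setgroups(0, NULL)` in the drop_privileges hunk is discarded, so a failure while the process is still root would silently leave the supplementary groups in place — exactly the state this change is meant to remove — and the setgid/setuid calls below would then succeed as if privileges had been fully dropped. The comment's rationale ("if non-root ... it fails, which is fine") only justifies ignoring the error for the unprivileged case; for root the failure should be fatal like the neighbouring calls, e.g. `res = setgroups(0, NULL);` followed by `if (geteuid() == 0) CHECK_RES_DIE(res, "setgroups");`, assuming CHECK_RES_DIE treats a non-zero res as fatal the way it appears to for setgid on the next lines. The added header in the earlier hunk (presumably the one declaring setgroups, its name does not survive on this page) should be confirmed to match what the build actually needs. drop_privileges begins outside the hunk.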