I simplified the patch addressed certain security concerns. I only
allowed setusercontext() to set resource limits/priority and umask,
because these are the values that are relevant from login.conf. The
rest of the settings (uid/gid/initgroups) should be done using e->uid
and e->gid like they were before, not from:
struct passwd *pwd = getpwnam(getenv("LOGNAME"));
Finally login_cap's (path/env) are irrelevant in this context since
we want to use our e->envp anyway to execute the command.
xtraeme