README
nss_dynpid reads /etc/passwd.dynpid and treats the UID column as a
process ID, and the actually provided UID is the real UID of that
process.

WARNING: The security impact is currently unclear and needs to be
reviewed.  Clearly, it is only safe if PID 1 is trusted and cannot be
instructed execve AT_SECURE binaries.  There might be other
consequences.