Commit graph

5 commits

Author SHA1 Message Date
madmaurice 650a576c56 Make dropped root privileges permanent
seteuid sets the effective uid but at the same time retains the old
effective uid as a so-called saved uid, which allows the process to go
back to root at a later point in time. As we don't want that, we use
the functions setresuid and setresgid instead, allowing us to set the
real, effective and saved uid/gid. We keep the real uid/gid unchanged,
but set the effective and saved uid/gid to the value of the real uid.
This forbids us to regain root privileges.
2021-01-15 20:22:22 +01:00
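The commit message above describes the setresuid/setresgid drop and the reason a plain seteuid is not enough. The following is an added example, not code from this repository: it drops all three ids together, then verifies with getresuid/getresgid that no saved root id remains and that an attempt to become root again is refused. The function names, the fallback to uid/gid 65534 (the conventional "nobody" ids, an assumption here) when started as root, and the explicit prototypes are choices made for this demo.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Explicit prototypes so the example compiles even if <unistd.h> was
 * already included without _GNU_SOURCE (glibc hides these otherwise). */
int setresuid(uid_t, uid_t, uid_t);
int setresgid(gid_t, gid_t, gid_t);
int getresuid(uid_t *, uid_t *, uid_t *);
int getresgid(gid_t *, gid_t *, gid_t *);

/* Permanently drop to uid/gid: real, effective AND saved ids are all set,
 * so there is no saved root id left to switch back to later.
 * The gid is changed first: once the uid is no longer 0 the process may
 * no longer be permitted to change its groups.
 * Returns 0 on success, -1 with errno set on failure. */
int drop_privileges_permanently(uid_t uid, gid_t gid) {
    if (setresgid(gid, gid, gid) != 0)
        return -1;
    if (setresuid(uid, uid, uid) != 0)
        return -1;
    return 0;
}

/* Check that the drop really took: all three uids and all three gids
 * must equal the target. Returns 1 if so, 0 otherwise. */
int privileges_fully_dropped(uid_t uid, gid_t gid) {
    uid_t ru, eu, su;
    gid_t rg, eg, sg;
    if (getresuid(&ru, &eu, &su) != 0 || getresgid(&rg, &eg, &sg) != 0)
        return 0;
    return ru == uid && eu == uid && su == uid &&
           rg == gid && eg == gid && sg == gid;
}

/* The self-test a hardened program can run right after dropping: try to
 * regain root. Returns 1 if the attempt is refused with EPERM (desired),
 * 0 if it succeeded, which means a saved root id was left behind, the
 * exact pitfall of using seteuid() alone. */
int regaining_root_is_refused(void) {
    if (seteuid(0) == 0)
        return 0; /* we are root again: the drop was not permanent */
    return errno == EPERM;
}

/* Target ids for this demo: keep the real uid/gid when already
 * unprivileged, fall back to 65534 ("nobody", an assumption) when root. */
uid_t target_uid(void) { return getuid() == 0 ? (uid_t)65534 : getuid(); }
gid_t target_gid(void) { return getgid() == 0 ? (gid_t)65534 : getgid(); }

int main(void) {
    uid_t uid = target_uid();
    gid_t gid = target_gid();
    if (drop_privileges_permanently(uid, gid) != 0) {
        perror("drop_privileges_permanently");
        return 1;
    }
    printf("uid=%u gid=%u fully dropped: %s, regaining root refused: %s\n",
           (unsigned)uid, (unsigned)gid,
           privileges_fully_dropped(uid, gid) ? "yes" : "no",
           regaining_root_is_refused() ? "yes" : "no");
    return 0;
}
```

Run it once as root and once as an ordinary user: in both cases the last two answers should be "yes". If a program printed "no" for the second one, it still holds a saved root id and a later setuid(0)/seteuid(0) would succeed, which is the situation the commit removes.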
madmaurice 5fe9ba36a2 Add signal handler for SIGTERM
When the head process receives a SIGTERM we have to forward that to the init
process, which in turn has to forward it to the executed process which is
jailed. That process can then decide to exit, which also terminates the init and
head process through SIGCHLD/wait means.
2021-01-12 19:51:05 +01:00
madmaurice 1f5e1a9c1f Drop root privileges earlier
We don't need the root privileges after we unshare and the first fork. Therefore
we can drop those for safety reasons.
2021-01-12 19:50:07 +01:00
madmaurice f3cd63c137 Use execvp instead of execv
execvp resolves the executable location using PATH
2021-01-12 13:24:08 +01:00
madmaurice 2c397da373 Initial version
2021-01-06 04:42:04 +01:00