--- /dev/null
+diff -up dhcp-4.2.3-P1/server/dhcpd.c.paranoia dhcp-4.2.3-P1/server/dhcpd.c
+--- dhcp-4.2.3-P1/server/dhcpd.c.paranoia 2011-12-20 18:02:26.000000000 +0100
++++ dhcp-4.2.3-P1/server/dhcpd.c 2011-12-20 18:03:43.840037108 +0100
+@@ -771,22 +771,6 @@ main(int argc, char **argv) {
+ exit (0);
+ }
+
+-#if defined (PARANOIA)
+- /* change uid to the specified one */
+-
+- if (set_gid) {
+- if (setgroups (0, (void *)0))
+- log_fatal ("setgroups: %m");
+- if (setgid (set_gid))
+- log_fatal ("setgid(%d): %m", (int) set_gid);
+- }
+-
+- if (set_uid) {
+- if (setuid (set_uid))
+- log_fatal ("setuid(%d): %m", (int) set_uid);
+- }
+-#endif /* PARANOIA */
+-
+ /*
+ * Deal with pid files. If the user told us
+ * not to write a file we don't read one either
+@@ -823,6 +807,22 @@ main(int argc, char **argv) {
+ }
+ }
+
++#if defined (PARANOIA)
++ /* change uid to the specified one */
++
++ if (set_gid) {
++ if (setgroups (0, (void *)0))
++ log_fatal ("setgroups: %m");
++ if (setgid (set_gid))
++ log_fatal ("setgid(%d): %m", (int) set_gid);
++ }
++
++ if (set_uid) {
++ if (setuid (set_uid))
++ log_fatal ("setuid(%d): %m", (int) set_uid);
++ }
++#endif /* PARANOIA */
++
+ /* If we were requested to log to stdout on the command line,
+ keep doing so; otherwise, stop. */
+ if (log_perror == -1)