newgrp: fix potential string injection

newgrp: fix potential string injection

Since newgrp is setuid-root, any write() system calls it does in order
to print error messages will be done as the root user.

Unprivileged users can get newgrp to print essentially arbitrary strings
to any open file in this way by passing those strings as argv[0] when
calling execve(). For example:

    $ setpid() { (exec -a $1$'\n:' newgrp '' 2>/proc/sys/kernel/ns_last_pid & wait) >/dev/null; }
    $ setpid 31000
    $ readlink /proc/self
    31001

This is not a vulnerability in newgrp; it is a bug in the Linux kernel.

However, this type of bug is not new [1] and it makes sense to try to
mitigate these types of bugs in userspace where possible.

[1]: https://lwn.net/Articles/476947/

Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>