How do I write security sensitive/SUID/SGID programs with GTK+? Is GTK+ secure? What's this GTK_MODULES security hole I heard about? [GTK 2.x]

The short answer to this question is: you can't, so don't write SUID/SGID programs with GTK+

GTK+ will refuse to run with elevated privileges, as it is not designed to be used in this manner. The only correct way to write a setuid program with a graphical user interface is to have a setuid backend that communicates with the non-setuid graphical user interface via a mechanism such as a pipe and that considers the input it receives to be untrusted.

For a more thorough explanation of the GTK+ Developers position on this issue see