check_setugid: check uids to actually be 0
Currently the code in check_setugid()
checks for UIDs mismatch,
and exits in that case, assuming it is a privilege escalation.
But the actual check for the priv escalation is missing. Such check
can, at the very least, see if either of UIDs is 0. In other cases
it may be a priv drop, rather than an escalation.
This patch adds a simplest check for either of UIDs being equal to 0.
Fixes: #6629