Comment 3 for bug 1611603

I managed to completely forget what a hack the previous patch was between writing it and posting it. So please definitely ignore that one.

Here's a more sensible patch that that will skip chowning the worker temporary file if we're running as root and we know we're not going to try to drop privileges.

If Ubuntu snaps gain support for assigning non-root UIDs and GIDs to confined apps, gunicorn will probably need more work, even with this patch applied, because utils.set_owner_process() assumes that setuid(getuid()) will successfully no-op, whereas the Ubuntu snap security policy would probably still block setuid() entirely.

But this seems to be enough for now, and my snapped Web app still works with this patch applied in place of the previous one.