fix: preserve jail group when dropping privileges on macOS

Previously, we were changing both UID and GID to the original user,
which broke network jailing because the subprocess was no longer in
the jail group that gets redirected through the proxy.

Now we:
- Change UID to original user (for correct user identity)
- Keep GID as jail group (for network isolation)

This maintains both user identity and network jailing functionality.

Co-authored-by: f0ssel <[email protected]>

Author: blink-so[bot]

network/macos.go

@@ -114,13 +114,14 @@ func (m *MacOSNetJail) Execute(command []string, extraEnv map[string]string) err
 				if err != nil {
 					m.logger.Warn("Invalid SUDO_GID, subprocess will run as root", "sudo_gid", sudoGID, "error", err)
 				} else {
+					// Use original user ID but KEEP the jail group for network isolation
 					cmd.SysProcAttr = &syscall.SysProcAttr{
 						Credential: &syscall.Credential{
 							Uid: uint32(uid),
-							Gid: uint32(gid),
+							Gid: uint32(m.groupID), // Keep jail group, not original user's group
 						},
 					}
-					m.logger.Debug("Dropping privileges to original user", "uid", uid, "gid", gid)
+					m.logger.Debug("Dropping privileges to original user with jail group", "uid", uid, "jail_gid", m.groupID)
 				}
 			}
 		}