The example uses set_effective_priv(3TSOL) to bracket. The first call turns the file_setpriv privilege on (asserts it) in the effective set; the second call turns it off. The 1 indicates the privilege parameter list has one privilege constant (PRIV_FILE_SETPRIV) in it.
/* Turn file_setpriv on in effective set */ if (set_effective_priv(PRIV_ON, 1, PRIV_FILE_SETPRIV) == -1) perror("Cannot assert PRIV_FILE_SETPRIV"); /* Make interface call */ retval = setfpriv(execfile, PRIV_SET, PRIV_ALLOWED, &priv_get); /* Turn the file_setpriv privilege off */ if (set_effective_priv(PRIV_OFF, 1, PRIV_FILE_SETPRIV) == -1) perror("Cannot clear PRIV_FILE_SETPRIV"); /* Continue application code ...*/