Explanation for newbies: setuid is a special permission bit that makes an executable run with the permissions of its owner rather than the user executing it. This is often used to let a user run a specific program as root without having sudo access.
If this sounds like a security nightmare, that’s because it is.
In linux, setuid is slowly being phased out by Capabilities. An example of this is the ping command which used to need setuid in order to create raw sockets, but now just needs the cap_net_raw capability. More info: https://unix.stackexchange.com/questions/382771/why-does-ping-need-setuid-permission. Nevertheless, many linux distros still ship with setuid executables, for example passwd from the shadow-utils package.
Last time I was tempted to use suid, it was in order to allow an application I’d written to listen on 80 and 443. Fortunately I found the capabilities way of doing that (
setcap 'cap_net_bind_service=+ep' executable) and that was the first I ever heard of capabilities. I consider myself pretty Linux-savvy, but it was pretty recently that I learned about capabilities.