I'd use clone() instead, using CLONE_VFORK|CLONE_VM flags; see man 2 clone for details.

Because CLONE_FILES is not set, the child process has its own file descriptors, and can close and open standard descriptors without affecting the parent at all.

Because the cloned process is a separate process, it has its own user and group ids, so setting them via setresgid() and setresuid() (perhaps calling setgroups() or initgroups() first to set the additional groups -- see man 2 setresuid, man 2 setgroups, and man 3 initgroups for details) will not affect the parent at all.

The CLONE_VFORK|CLONE_VM flags mean this clone() should behave like vfork(), with the child process running in the same memory space as the parent process up till the execve() call.

This approach avoids the latency when using an intermediate executable -- it is pretty significant --, but the approach completely Linux-specific.

From the standard:

[..] the behaviour is undefined if the process created by vfork() either modifies any data other than a variable of type pid_t used to store the return value from vfork(), or returns from the function in which vfork() was called, or calls any other function before successfully calling _exit() or one of the exec family of functions.

The problem with calling functions like setuid or pipe is that they could affect memory in the address space shared between the parent and child processes. If you need to do anything before exec, the best way is to write a small shim process that does whatever you need it to and then execs to the eventual child process (perhaps arguments supplied through argv).

shim.c
======

enum {
    /* initial arguments */
    ARGV_FILE = 5, ARGV_ARGS
};
int main(int argc, char *argv[]) {
    /* consume instructions from argv */
    /* setuid, pipe() etc. */
    return execvp(argv[ARGV_FILE], argv + ARGV_ARGS);
}