setuid, seteuid, setgid, setegid - set user and group ID
Standard C Library (libc, -lc)
#include <unistd.h>
int
setuid(uid_t uid);
int
seteuid(uid_t euid);
int
setgid(gid_t gid);
int
setegid(gid_t egid);
The setuid() function sets the real and effective user IDs and the saved
set-user-ID of the current process to the specified value. The setuid()
function is permitted if the specified ID is equal to the real user ID of
the process, or if the effective user ID is that of the super user.
The setgid() function sets the real and effective group IDs and the saved
set-group-ID of the current process to the specified value. The setgid()
function is permitted if the specified ID is equal to the real group ID
of the process, or if the effective user ID is that of the super user.
The seteuid() function (setegid()) sets the effective user ID (group ID)
of the current process. The effective user ID may be set to the value of
the real user ID or the saved set-user-ID (see intro(2) and execve(2));
in this way, the effective user ID of a set-user-ID executable may be
toggled by switching to the real user ID, then re-enabled by reverting to
the set-user-ID value. Similarly, the effective group ID may be set to
the value of the real group ID or the saved set-group-ID.
Upon success, these functions return 0; otherwise -1 is returned.
If the user is not the super user, or the uid specified is not the real,
effective ID, or saved ID, these functions return -1.
getgid(2), getuid(2)
The setuid() and setgid() functions are compliant with the ISO/IEC
9945-1:1990 (``POSIX.1'') specification with _POSIX_SAVED_IDS not
defined. We do not implement the _POSIX_SAVED_IDS option as specified in
the standard because this would make it impossible for a set-user-ID executable
owned by a user other than the super-user to permanently revoke
its privileges.
The seteuid() and setegid() functions are extensions based on the POSIX
concept of _POSIX_SAVED_IDS, and have been proposed for a future revision
of the standard. They provide the same feature of toggling effective IDs
as _POSIX_SAVED_IDS, but do so independent of the current effective ID,
rather than requiring the super-user to permanently revoke its privileges.
BSD June 4, 1993 BSD
[ Back ] |