pavement

Setuid

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
(changed self-redirecting links to boldface)
(added boldface for readability)
Line 3: Line 3:
 
From the man page for setuid:
 
From the man page for setuid:
  
     The setuid() system call sets the real and effective user IDs and the
+
     The '''setuid()''' system call sets the real and effective user IDs and the
 
     saved set-user-ID of the current process to the specified value.  The
 
     saved set-user-ID of the current process to the specified value.  The
 
     setuid() system call is permitted if the specified ID is equal to the
 
     setuid() system call is permitted if the specified ID is equal to the
Line 9: Line 9:
 
     user ID is that of the super user.
 
     user ID is that of the super user.
 
   
 
   
     The setgid() system call sets the real and effective group IDs and the
+
     The '''setgid()''' system call sets the real and effective group IDs and the
 
     saved set-group-ID of the current process to the specified value.  The
 
     saved set-group-ID of the current process to the specified value.  The
 
     setgid() system call is permitted if the specified ID is equal to the
 
     setgid() system call is permitted if the specified ID is equal to the
Line 15: Line 15:
 
     tive user ID is that of the super user.
 
     tive user ID is that of the super user.
 
   
 
   
     The seteuid() system call (setegid()) sets the effective user ID (group
+
     The '''seteuid()''' system call (setegid()) sets the effective user ID (group
 
     ID) of the current process.  The effective user ID may be set to the
 
     ID) of the current process.  The effective user ID may be set to the
 
     value of the real user ID or the saved set-user-ID (see intro(2) and
 
     value of the real user ID or the saved set-user-ID (see intro(2) and

Revision as of 11:15, 16 March 2005

setuid (and its fellow commands setgid and seteuid) are all system calls that a program can use to change its user ID, group ID and effective user ID (respectively.)

From the man page for setuid:

    The setuid() system call sets the real and effective user IDs and the
    saved set-user-ID of the current process to the specified value.  The
    setuid() system call is permitted if the specified ID is equal to the
    real user ID or the effective user ID of the process, or if the effective
    user ID is that of the super user.

    The setgid() system call sets the real and effective group IDs and the
    saved set-group-ID of the current process to the specified value.  The
    setgid() system call is permitted if the specified ID is equal to the
    real group ID or the effective group ID of the process, or if the effec-
    tive user ID is that of the super user.

    The seteuid() system call (setegid()) sets the effective user ID (group
    ID) of the current process.  The effective user ID may be set to the
    value of the real user ID or the saved set-user-ID (see intro(2) and
    execve(2)); in this way, the effective user ID of a set-user-ID exe-
    cutable may be toggled by switching to the real user ID, then re-enabled
    by reverting to the set-user-ID value.  Similarly, the effective group ID
    may be set to the value of the real group ID or the saved set-group-ID.

See also http://setuid.org/

Personal tools