Setuid
From FreeBSDwiki
(Difference between revisions)
(changed self-redirecting links to boldface) |
(added boldface for readability) |
||
| Line 3: | Line 3: | ||
From the man page for setuid: | From the man page for setuid: | ||
| − | The setuid() system call sets the real and effective user IDs and the | + | The '''setuid()''' system call sets the real and effective user IDs and the |
saved set-user-ID of the current process to the specified value. The | saved set-user-ID of the current process to the specified value. The | ||
setuid() system call is permitted if the specified ID is equal to the | setuid() system call is permitted if the specified ID is equal to the | ||
| Line 9: | Line 9: | ||
user ID is that of the super user. | user ID is that of the super user. | ||
| − | The setgid() system call sets the real and effective group IDs and the | + | The '''setgid()''' system call sets the real and effective group IDs and the |
saved set-group-ID of the current process to the specified value. The | saved set-group-ID of the current process to the specified value. The | ||
setgid() system call is permitted if the specified ID is equal to the | setgid() system call is permitted if the specified ID is equal to the | ||
| Line 15: | Line 15: | ||
tive user ID is that of the super user. | tive user ID is that of the super user. | ||
| − | The seteuid() system call (setegid()) sets the effective user ID (group | + | The '''seteuid()''' system call (setegid()) sets the effective user ID (group |
ID) of the current process. The effective user ID may be set to the | ID) of the current process. The effective user ID may be set to the | ||
value of the real user ID or the saved set-user-ID (see intro(2) and | value of the real user ID or the saved set-user-ID (see intro(2) and | ||
Revision as of 11:15, 16 March 2005
setuid (and its fellow commands setgid and seteuid) are all system calls that a program can use to change its user ID, group ID and effective user ID (respectively.)
From the man page for setuid:
The setuid() system call sets the real and effective user IDs and the
saved set-user-ID of the current process to the specified value. The
setuid() system call is permitted if the specified ID is equal to the
real user ID or the effective user ID of the process, or if the effective
user ID is that of the super user.
The setgid() system call sets the real and effective group IDs and the
saved set-group-ID of the current process to the specified value. The
setgid() system call is permitted if the specified ID is equal to the
real group ID or the effective group ID of the process, or if the effec-
tive user ID is that of the super user.
The seteuid() system call (setegid()) sets the effective user ID (group
ID) of the current process. The effective user ID may be set to the
value of the real user ID or the saved set-user-ID (see intro(2) and
execve(2)); in this way, the effective user ID of a set-user-ID exe-
cutable may be toggled by switching to the real user ID, then re-enabled
by reverting to the set-user-ID value. Similarly, the effective group ID
may be set to the value of the real group ID or the saved set-group-ID.
See also http://setuid.org/
