pavement

Setuid

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
 
m
Line 22: Line 22:
 
     by reverting to the set-user-ID value.  Similarly, the effective group ID
 
     by reverting to the set-user-ID value.  Similarly, the effective group ID
 
     may be set to the value of the real group ID or the saved set-group-ID.
 
     may be set to the value of the real group ID or the saved set-group-ID.
 
+
See also http://setuid.org/
 
[[Category:FreeBSD Terminology]]
 
[[Category:FreeBSD Terminology]]

Revision as of 15:49, 15 March 2005

setuid (and it's brothers, setgid and seteuid) are all system calls that a program can use to change the user ID, group ID and effective user ID (respectively.)

From the man page for setuid:

    The setuid() system call sets the real and effective user IDs and the
    saved set-user-ID of the current process to the specified value.  The
    setuid() system call is permitted if the specified ID is equal to the
    real user ID or the effective user ID of the process, or if the effective
    user ID is that of the super user.

    The setgid() system call sets the real and effective group IDs and the
    saved set-group-ID of the current process to the specified value.  The
    setgid() system call is permitted if the specified ID is equal to the
    real group ID or the effective group ID of the process, or if the effec-
    tive user ID is that of the super user.

    The seteuid() system call (setegid()) sets the effective user ID (group
    ID) of the current process.  The effective user ID may be set to the
    value of the real user ID or the saved set-user-ID (see intro(2) and
    execve(2)); in this way, the effective user ID of a set-user-ID exe-
    cutable may be toggled by switching to the real user ID, then re-enabled
    by reverting to the set-user-ID value.  Similarly, the effective group ID
    may be set to the value of the real group ID or the saved set-group-ID.

See also http://setuid.org/

Personal tools