unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Page:
Section:
Apropos / Subsearch:
optional field

setuid(2)                        System Calls                        setuid(2)



NAME
       setuid, setegid, seteuid, setgid - set user and group IDs

SYNOPSIS
       #include <sys/types.h>
       #include <unistd.h>

       int setuid(uid_t uid);

       int setgid(gid_t gid);

       int seteuid(uid_t euid);

       int setegid(gid_t egid);

DESCRIPTION
       The  setuid()  function  sets  the real user ID, effective user ID, and
       saved user ID of the calling process. The setgid()  function  sets  the
       real  group  ID,  effective group ID, and saved group ID of the calling
       process. The setegid() and seteuid() functions set the effective  group
       and  user  IDs  respectively  for the calling process. See intro(2) for
       more information on real, effective, and saved user and group IDs.

       At login time, the real user ID, effective user ID, and saved  user  ID
       of  the  login  process are set to the login ID of the user responsible
       for the creation of the process. The same is true for the real,  effec-
       tive,  and  saved  group  IDs; they are set to the group ID of the user
       responsible for the creation of the process.

       When a process calls one of the exec(2) family of functions to  execute
       a file (program), the user and/or group identifiers associated with the
       process can change. If the file executed is  a  set-user-ID  file,  the
       effective and saved user IDs of the process are set to the owner of the
       file executed. If the file executed is a set-group-ID file, the  effec-
       tive  and  saved  group  IDs of the process are set to the group of the
       file executed. If the file executed is not a set-user-ID or  set-group-
       ID  file, the effective user ID, saved user ID, effective group ID, and
       saved group ID are not changed.

       If the {PRIV_PROC_SETID} privilege is asserted in the effective set  of
       the  process  calling setuid(), the real, effective, and saved user IDs
       are set to the uid argument.  If the uid argument is 0 and none of  the
       saved,  effective  or real UID is 0, additional restrictions apply. See
       privileges(5).

       If the {PRIV_PROC_SETID} privilege is not  asserted  in  the  effective
       set,  but  uid  is  either the real user ID or the saved user ID of the
       calling process, the effective user ID is set to uid.

       If the {PRIV_PROC_SETID} privilege is asserted in the effective set  of
       the  process calling setgid(), the real, effective, and saved group IDs
       are set to the gid argument.

       If the {PRIV_PROC_SETID} privilege is not  asserted  in  the  effective
       set,  but  gid is either the real group ID or the saved group ID of the
       calling process, the effective group ID is set to gid.

RETURN VALUES
       Upon successful completion, 0 is returned. Otherwise,  -1  is  returned
       and errno is set to indicate the error.

ERRORS
       The setuid() and setgid() functions will fail if:

       EINVAL          The value of uid or gid is out of range.



       EPERM           For setuid() and seteuid(), the {PRIV_PROC_SETID} priv-
                       ilege is not asserted in the effective set of the call-
                       ing  process and the uid argument does not match either
                       the real or saved user IDs, or an attempt  is  made  to
                       change  to UID 0 and none of the existing UIDs is 0, in
                       which case additional privileges are required.

                       For setgid() and setegid(), the {PRIV_PROC_SETID} priv-
                       ilege  is not asserted in the effective set and the gid
                       argument does not match either the real or saved  group
                       IDs.



ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()     allbox;     cw(2.750000i)|    cw(2.750000i)    lw(2.750000i)|
       lw(2.750000i).  ATTRIBUTE TYPEATTRIBUTE VALUE Interface  StabilityStan-
       dard MT-LevelAsync-Signal-Safe


SEE ALSO
       intro(2),     exec(2),    getgroups(2),    getuid(2),    stat.h(3HEAD),
       attributes(5), privileges(5), standards(5)




SunOS 5.10                        20 Jan 2003                        setuid(2)