1SETREUID(3P)               POSIX Programmer's Manual              SETREUID(3P)
2
3
4

PROLOG

6       This  manual  page is part of the POSIX Programmer's Manual.  The Linux
7       implementation of this interface may differ (consult the  corresponding
8       Linux  manual page for details of Linux behavior), or the interface may
9       not be implemented on Linux.
10
11

NAME

13       setreuid — set real and effective user IDs
14

SYNOPSIS

16       #include <unistd.h>
17
18       int setreuid(uid_t ruid, uid_t euid);
19

DESCRIPTION

21       The setreuid() function shall set the real and effective  user  IDs  of
22       the  current process to the values specified by the ruid and euid argu‐
23       ments. If ruid or euid is −1, the corresponding effective or real  user
24       ID of the current process shall be left unchanged.
25
26       A  process  with appropriate privileges can set either ID to any value.
27       An unprivileged process can only set the effective user ID if the  euid
28       argument  is  equal  to either the real, effective, or saved user ID of
29       the process.
30
31       If the real user ID is being set (ruid is not  −1),  or  the  effective
32       user ID is being set to a value not equal to the real user ID, then the
33       saved set-user-ID of the current process shall be set equal to the  new
34       effective user ID.
35
36       It  is  unspecified whether a process without appropriate privileges is
37       permitted to change the real user ID to  match  the  current  effective
38       user ID or saved set-user-ID of the process.
39

RETURN VALUE

41       Upon successful completion, 0 shall be returned. Otherwise, −1 shall be
42       returned and errno set to indicate the error.
43

ERRORS

45       The setreuid() function shall fail if:
46
47       EINVAL The value of the ruid or euid argument  is  invalid  or  out-of-
48              range.
49
50       EPERM  The  current  process  does not have appropriate privileges, and
51              either an attempt was made to change the effective user ID to  a
52              value other than the real user ID or the saved set-user-ID or an
53              attempt was made to change the real user ID to a value not  per‐
54              mitted by the implementation.
55
56       The following sections are informative.
57

EXAMPLES

59   Setting the Effective User ID to the Real User ID
60       The following example sets the effective user ID of the calling process
61       to the real user ID, so that files created later will be owned  by  the
62       current  user.  It also sets the saved set-user-ID to the real user ID,
63       so any future attempt to set the effective user ID back to its previous
64       value will fail.
65
66           #include <unistd.h>
67           #include <sys/types.h>
68           ...
69           setreuid(getuid(), getuid());
70           ...
71

APPLICATION USAGE

73       None.
74

RATIONALE

76       Earlier  versions  of  this  standard did not specify whether the saved
77       set-user-ID was affected by setreuid() calls.  This  version  specifies
78       common  existing  practice  that constitutes an important security fea‐
79       ture. The ability to set both the effective user ID and saved set-user-
80       ID  to be the same as the real user ID means that any security weakness
81       in code that is executed after that point cannot  result  in  malicious
82       code  being  executed  with  the previous effective user ID. Privileged
83       applications could already do this using just setuid(),  but  for  non-
84       privileged  applications  the  only standard method available is to use
85       this feature of setreuid().
86

FUTURE DIRECTIONS

88       None.
89

SEE ALSO

91       getegid(), geteuid(), getgid(), getuid(),  setegid(),  seteuid(),  set‐
92       gid(), setregid(), setuid()
93
94       The Base Definitions volume of POSIX.1‐2008, <unistd.h>
95

COPYRIGHT

97       Portions  of  this text are reprinted and reproduced in electronic form
98       from IEEE Std 1003.1, 2013 Edition, Standard for Information Technology
99       --  Portable  Operating  System  Interface (POSIX), The Open Group Base
100       Specifications Issue 7, Copyright (C) 2013 by the Institute of Electri‐
101       cal  and  Electronics  Engineers,  Inc  and  The  Open Group.  (This is
102       POSIX.1-2008 with the 2013 Technical Corrigendum  1  applied.)  In  the
103       event of any discrepancy between this version and the original IEEE and
104       The Open Group Standard, the original IEEE and The Open Group  Standard
105       is  the  referee document. The original Standard can be obtained online
106       at http://www.unix.org/online.html .
107
108       Any typographical or formatting errors that appear  in  this  page  are
109       most likely to have been introduced during the conversion of the source
110       files to man page format. To report such errors,  see  https://www.ker‐
111       nel.org/doc/man-pages/reporting_bugs.html .
112
113
114
115IEEE/The Open Group                  2013                         SETREUID(3P)