1SETREUID(3P) POSIX Programmer's Manual SETREUID(3P)
2
3
4
6 This manual page is part of the POSIX Programmer's Manual. The Linux
7 implementation of this interface may differ (consult the corresponding
8 Linux manual page for details of Linux behavior), or the interface may
9 not be implemented on Linux.
10
11
13 setreuid — set real and effective user IDs
14
16 #include <unistd.h>
17
18 int setreuid(uid_t ruid, uid_t euid);
19
21 The setreuid() function shall set the real and effective user IDs of
22 the current process to the values specified by the ruid and euid argu‐
23 ments. If ruid or euid is −1, the corresponding effective or real user
24 ID of the current process shall be left unchanged.
25
26 A process with appropriate privileges can set either ID to any value.
27 An unprivileged process can only set the effective user ID if the euid
28 argument is equal to either the real, effective, or saved user ID of
29 the process.
30
31 If the real user ID is being set (ruid is not −1), or the effective
32 user ID is being set to a value not equal to the real user ID, then the
33 saved set-user-ID of the current process shall be set equal to the new
34 effective user ID.
35
36 It is unspecified whether a process without appropriate privileges is
37 permitted to change the real user ID to match the current effective
38 user ID or saved set-user-ID of the process.
39
41 Upon successful completion, 0 shall be returned. Otherwise, −1 shall be
42 returned and errno set to indicate the error.
43
45 The setreuid() function shall fail if:
46
47 EINVAL The value of the ruid or euid argument is invalid or out-of-
48 range.
49
50 EPERM The current process does not have appropriate privileges, and
51 either an attempt was made to change the effective user ID to a
52 value other than the real user ID or the saved set-user-ID or an
53 attempt was made to change the real user ID to a value not per‐
54 mitted by the implementation.
55
56 The following sections are informative.
57
59 Setting the Effective User ID to the Real User ID
60 The following example sets the effective user ID of the calling process
61 to the real user ID, so that files created later will be owned by the
62 current user. It also sets the saved set-user-ID to the real user ID,
63 so any future attempt to set the effective user ID back to its previous
64 value will fail.
65
66 #include <unistd.h>
67 #include <sys/types.h>
68 ...
69 setreuid(getuid(), getuid());
70 ...
71
73 None.
74
76 Earlier versions of this standard did not specify whether the saved
77 set-user-ID was affected by setreuid() calls. This version specifies
78 common existing practice that constitutes an important security fea‐
79 ture. The ability to set both the effective user ID and saved set-user-
80 ID to be the same as the real user ID means that any security weakness
81 in code that is executed after that point cannot result in malicious
82 code being executed with the previous effective user ID. Privileged
83 applications could already do this using just setuid(), but for non-
84 privileged applications the only standard method available is to use
85 this feature of setreuid().
86
88 None.
89
91 getegid(), geteuid(), getgid(), getuid(), setegid(), seteuid(), set‐
92 gid(), setregid(), setuid()
93
94 The Base Definitions volume of POSIX.1‐2008, <unistd.h>
95
97 Portions of this text are reprinted and reproduced in electronic form
98 from IEEE Std 1003.1, 2013 Edition, Standard for Information Technology
99 -- Portable Operating System Interface (POSIX), The Open Group Base
100 Specifications Issue 7, Copyright (C) 2013 by the Institute of Electri‐
101 cal and Electronics Engineers, Inc and The Open Group. (This is
102 POSIX.1-2008 with the 2013 Technical Corrigendum 1 applied.) In the
103 event of any discrepancy between this version and the original IEEE and
104 The Open Group Standard, the original IEEE and The Open Group Standard
105 is the referee document. The original Standard can be obtained online
106 at http://www.unix.org/online.html .
107
108 Any typographical or formatting errors that appear in this page are
109 most likely to have been introduced during the conversion of the source
110 files to man page format. To report such errors, see https://www.ker‐
111 nel.org/doc/man-pages/reporting_bugs.html .
112
113
114
115IEEE/The Open Group 2013 SETREUID(3P)