1setuid(2)                        System Calls                        setuid(2)
2
3
4

NAME

6       setuid, setegid, seteuid, setgid - set user and group IDs
7

SYNOPSIS

9       #include <sys/types.h>
10       #include <unistd.h>
11
12       int setuid(uid_t uid);
13
14
15       int setgid(gid_t gid);
16
17
18       int seteuid(uid_t euid);
19
20
21       int setegid(gid_t egid);
22
23

DESCRIPTION

25       The  setuid()  function  sets  the real user ID, effective user ID, and
26       saved user ID of the calling process. The setgid()  function  sets  the
27       real  group  ID,  effective group ID, and saved group ID of the calling
28       process. The setegid() and seteuid() functions set the effective  group
29       and  user  IDs  respectively  for the calling process. See Intro(2) for
30       more information on real, effective, and saved user and group IDs.
31
32
33       At login time, the real user ID, effective user ID, and saved  user  ID
34       of  the  login  process are set to the login ID of the user responsible
35       for the creation of the process. The same is true for the real,  effec‐
36       tive,  and  saved  group  IDs; they are set to the group ID of the user
37       responsible for the creation of the process.
38
39
40       When a process calls one of the exec(2) family of functions to  execute
41       a file (program), the user and/or group identifiers associated with the
42       process can change. If the file executed is  a  set-user-ID  file,  the
43       effective and saved user IDs of the process are set to the owner of the
44       file executed. If the file executed is a set-group-ID file, the  effec‐
45       tive  and  saved  group  IDs of the process are set to the group of the
46       file executed. If the file executed is not a set-user-ID or  set-group-
47       ID  file, the effective user ID, saved user ID, effective group ID, and
48       saved group ID are not changed.
49
50
51       If the {PRIV_PROC_SETID} privilege is asserted in the effective set  of
52       the  process  calling setuid(), the real, effective, and saved user IDs
53       are set to the uid argument.  If the uid argument is 0 and none of  the
54       saved,  effective  or real UID is 0, additional restrictions apply. See
55       privileges(5).
56
57
58       If the {PRIV_PROC_SETID} privilege is not  asserted  in  the  effective
59       set,  but  uid  is  either the real user ID or the saved user ID of the
60       calling process, the effective user ID is set to uid.
61
62
63       If the {PRIV_PROC_SETID} privilege is asserted in the effective set  of
64       the  process calling setgid(), the real, effective, and saved group IDs
65       are set to the gid argument.
66
67
68       If the {PRIV_PROC_SETID} privilege is not  asserted  in  the  effective
69       set,  but  gid is either the real group ID or the saved group ID of the
70       calling process, the effective group ID is set to gid.
71

RETURN VALUES

73       Upon successful completion, 0 is returned. Otherwise,  −1  is  returned
74       and errno is set to indicate the error.
75

ERRORS

77       The setuid() and setgid() functions will fail if:
78
79       EINVAL    The value of uid or gid is out of range.
80
81
82       EPERM     For  setuid()  and seteuid(), the {PRIV_PROC_SETID} privilege
83                 is not asserted in the effective set of the  calling  process
84                 and  the uid argument does not match either the real or saved
85                 user IDs, or an attempt is made to change to UID 0  and  none
86                 of  the  existing  UIDs is 0, in which case additional privi‐
87                 leges are required.
88
89                 For setgid() and setegid(), the  {PRIV_PROC_SETID}  privilege
90                 is  not  asserted  in  the effective set and the gid argument
91                 does not match either the real or saved group IDs.
92
93

ATTRIBUTES

95       See attributes(5) for descriptions of the following attributes:
96
97
98
99
100       ┌─────────────────────────────┬─────────────────────────────┐
101       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
102       ├─────────────────────────────┼─────────────────────────────┤
103       │Interface Stability          │Standard                     │
104       ├─────────────────────────────┼─────────────────────────────┤
105       │MT-Level                     │Async-Signal-Safe            │
106       └─────────────────────────────┴─────────────────────────────┘
107

SEE ALSO

109       Intro(2),    exec(2),    getgroups(2),    getuid(2),     stat.h(3HEAD),
110       attributes(5), privileges(5), standards(5)
111
112
113
114SunOS 5.11                        20 Jan 2003                        setuid(2)
Impressum