Commit | Line | Data |
---|---|---|
fea681da MK |
1 | .\" Copyright (C), 1994, Graeme W. Wilford (Wilf). |
2 | .\" | |
3 | .\" Permission is granted to make and distribute verbatim copies of this | |
4 | .\" manual provided the copyright notice and this permission notice are | |
5 | .\" preserved on all copies. | |
6 | .\" | |
7 | .\" Permission is granted to copy and distribute modified versions of this | |
8 | .\" manual under the conditions for verbatim copying, provided that the | |
9 | .\" entire resulting derived work is distributed under the terms of a | |
10 | .\" permission notice identical to this one. | |
c13182ef | 11 | .\" |
fea681da MK |
12 | .\" Since the Linux kernel and libraries are constantly changing, this |
13 | .\" manual page may be incorrect or out-of-date. The author(s) assume no | |
14 | .\" responsibility for errors or omissions, or for damages resulting from | |
15 | .\" the use of the information contained herein. The author(s) may not | |
16 | .\" have taken the same level of care in the production of this manual, | |
17 | .\" which is licensed free of charge, as they might when working | |
18 | .\" professionally. | |
c13182ef | 19 | .\" |
fea681da MK |
20 | .\" Formatted or processed versions of this manual, if unaccompanied by |
21 | .\" the source, must acknowledge the copyright and authors of this work. | |
22 | .\" | |
c13182ef | 23 | .\" Fri Jul 29th 12:56:44 BST 1994 Wilf. <G.Wilford@ee.surrey.ac.uk> |
fea681da MK |
24 | .\" Changes inspired by patch from Richard Kettlewell |
25 | .\" <richard@greenend.org.uk>, aeb 970616. | |
305a0578 | 26 | .\" Modified, 27 May 2004, Michael Kerrisk <mtk-manpages@gmx.net> |
fea681da MK |
27 | .\" Added notes on capability requirements |
28 | .TH SETUID 2 2004-05-27 "Linux 2.6.6" "Linux Programmer's Manual" | |
29 | .SH NAME | |
30 | setuid \- set user identity | |
31 | .SH SYNOPSIS | |
32 | .B #include <sys/types.h> | |
33 | .br | |
34 | .B #include <unistd.h> | |
35 | .sp | |
36 | .BI "int setuid(uid_t " uid ); | |
37 | .SH DESCRIPTION | |
e511ffb6 | 38 | .BR setuid () |
fea681da | 39 | sets the effective user ID of the current process. |
d9df8ff8 MK |
40 | If the effective UID of the caller is root, |
41 | the real UID and saved set-user-ID are also set. | |
fea681da | 42 | .PP |
c13182ef | 43 | Under Linux, |
e511ffb6 | 44 | .BR setuid () |
fea681da | 45 | is implemented like the POSIX version with the _POSIX_SAVED_IDS feature. |
880f5b4b | 46 | This allows a set-user-ID (other than root) program to drop all of its user |
fea681da MK |
47 | privileges, do some unprivileged work, and then re-engage the original
48 | effective user ID in a secure manner. | |
49 | .PP | |
880f5b4b | 50 | If the user is root or the program is set-user-ID-root, special care must be |
c13182ef MK |
51 | taken. |
52 | The | |
e511ffb6 | 53 | .BR setuid () |
d3c8b3e9 MK |
54 | function checks the effective user ID of the caller and if it is |
55 | the superuser, all process-related user IDs are set to | |
c13182ef | 56 | .IR uid . |
fea681da MK |
57 | After this has occurred, it is impossible for the program to regain root |
58 | privileges. | |
59 | .PP | |
880f5b4b | 60 | Thus, a set-user-ID-root program wishing to temporarily drop root |
fea681da | 61 | privileges, assume the identity of a non-root user, and then regain |
c13182ef | 62 | root privileges afterwards cannot use |
e511ffb6 | 63 | .BR setuid (). |
fea681da | 64 | You can accomplish this with the (non-POSIX, BSD) call |
e1d6264d | 65 | .BR seteuid (). |
fea681da | 66 | .SH "RETURN VALUE" |
c13182ef MK |
67 | On success, zero is returned. |
68 | On error, \-1 is returned, and | |
fea681da MK |
69 | .I errno |
70 | is set appropriately. | |
71 | .SH ERRORS | |
72 | .TP | |
73 | .B EAGAIN | |
74 | The | |
75 | .I uid | |
c13182ef | 76 | does not match the current uid and |
fea681da MK |
77 | .I uid |
78 | brings the process over its NPROC rlimit. | |
79 | .TP | |
80 | .B EPERM | |
81 | The user is not privileged (Linux: does not have the | |
82 | .B CAP_SETUID | |
83 | capability) and | |
84 | .I uid | |
d9df8ff8 | 85 | does not match the real UID or saved set-user-ID of the calling process. |
fea681da | 86 | .SH "CONFORMING TO" |
c13182ef | 87 | SVr4, POSIX.1-2001. |
97c1eac8 | 88 | Not quite compatible with the 4.4BSD call, which |
c13182ef | 89 | sets all of the real, saved, and effective user IDs. |
97c1eac8 | 90 | .\" SVr4 documents an additional EINVAL error condition. |
fea681da MK |
91 | .SH "LINUX-SPECIFIC REMARKS" |
92 | Linux has the concept of filesystem user ID, normally equal to the | |
c13182ef MK |
93 | effective user ID. |
94 | The | |
e511ffb6 | 95 | .BR setuid () |
fea681da MK |
96 | call also sets the filesystem user ID of the current process. |
97 | See | |
98 | .BR setfsuid (2). | |
99 | .PP | |
100 | If | |
101 | .I uid | |
102 | is different from the old effective uid, the process will | |
103 | be forbidden from leaving core dumps. | |
104 | .SH "SEE ALSO" | |
105 | .BR getuid (2), | |
106 | .BR seteuid (2), | |
107 | .BR setfsuid (2), | |
108 | .BR setreuid (2), | |
109 | .BR capabilities (7) |
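
The semantics described in DESCRIPTION and ERRORS above, as an added C example that is not part of the manual page or its repository: a temporary drop with seteuid() that re-engages the original effective UID, and a permanent drop with setuid() whose return value is checked (it can fail with EAGAIN or EPERM) and whose effect is verified. The function names are hypothetical; group IDs are out of scope here.

```c
/* Added example (not from the man page); function names are hypothetical. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Temporarily switch the effective UID to `uid`, run work(), then restore the
 * original effective UID. Returns work()'s result, or -1 if a switch fails. */
int run_with_euid(uid_t uid, int (*work)(void))
{
    uid_t privileged = geteuid();
    int result;

    if (seteuid(uid) == -1)
        return -1;
    result = work();
    if (seteuid(privileged) == -1 || geteuid() != privileged)
        return -1;              /* could not re-engage the original ID */
    return result;
}

/* Permanently become `uid`. Returns 0 only if the change is verified. */
int drop_privileges_permanently(uid_t uid)
{
    if (setuid(uid) == -1) {    /* EAGAIN or EPERM: still the old identity */
        fprintf(stderr, "setuid(%ld): %s\n", (long)uid, strerror(errno));
        return -1;
    }
    if (getuid() != uid || geteuid() != uid)
        return -1;
    /* After a drop to a non-root UID, regaining root must be impossible. */
    if (uid != 0 && setuid(0) != -1)
        return -1;
    return 0;
}

static int report_ids(void)
{
    printf("ruid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    return 0;
}

int main(void)
{
    if (run_with_euid(getuid(), report_ids) == -1)
        return 1;
    return drop_privileges_permanently(getuid()) == 0 ? 0 : 1;
}
```

A caller that ignores a -1 from either function keeps running with the identity it meant to give up, so treat any failure as fatal.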