.\" Copyright (C) 1995, Thomas K. Dyas <tdyas@eden.rutgers.edu>
+.\" and Copyright (C) 2019, Michael Kerrisk <mtk.manpages@gmail.com>
.\"
.\" %%%LICENSE_START(VERBATIM)
.\" Permission is granted to make and distribute verbatim copies of this
.PP
.BI "int setfsgid(uid_t " fsgid );
.SH DESCRIPTION
-The system call
-.BR setfsgid ()
-changes the value of the caller's filesystem group ID\(emthe
-group ID that the Linux kernel uses to check for all accesses
-to the filesystem.
-Normally, the value of
-the filesystem group ID
-will shadow the value of the effective group ID.
-In fact, whenever the
-effective group ID is changed,
-the filesystem group ID
-will also be changed to the new value of the effective group ID.
+On Linux, a process has both a filesystem group ID and an effective group ID.
+The (Linux-specific) filesystem group ID is used
+for permissions checking when accessing filesystem objects,
+while the effective group ID is used for some other kinds
+of permissions checks (see
+.BR credentials (7)).
.PP
-Explicit calls to
-.BR setfsuid (2)
-and
+Normally, the value of the process's filesystem group ID
+is the same as the value of its effective group ID.
+This is so, because whenever a process's effective group ID is changed,
+the kernel also changes the filesystem group ID to be the same as
+the new value of the effective group ID.
+A process can cause the value of its filesystem group ID to diverge
+from its effective group ID by using
.BR setfsgid ()
-are usually used only by programs such as the Linux NFS server that
-need to change what user and group ID is used for file access without a
-corresponding change in the real and effective user and group IDs.
-A change in the normal user IDs for a program such as the NFS server
-is a security hole that can expose it to unwanted signals.
-(But see below.)
+to change its filesystem group ID to the value given in
+.IR fsgid .
.PP
.BR setfsgid ()
will succeed only if the caller is the superuser or if
is Linux-specific and should not be used in programs intended
to be portable.
.SH NOTES
-Note that at the time this system call was introduced, a process
-could send a signal to a process with the same effective user ID.
-Today signal permission handling is slightly different.
+The filesystem group ID concept and the
+.BR setfsgid ()
+system call were invented for historical reasons that are
+no longer applicable on modern Linux kernels.
See
.BR setfsuid (2)
for a discussion of why the use of both