Penguin
Recent Changes
Annotated edit history of setgid(2) version 1, including all changes. View license author blame.
Rev Author # Line
1 perry 1 SETGID
2 !!!SETGID
3 NAME
4 SYNOPSIS
5 DESCRIPTION
6 RETURN VALUE
7 ERRORS
8 CONFORMING TO
9 SEE ALSO
10 ----
11 !!NAME
12
13
14 setgid - set group identity
15 !!SYNOPSIS
16
17
18 __#include __
19 #include __
20
21
22 __int setgid(gid_t__ ''gid''__)__
23 !!DESCRIPTION
24
25
26 __setgid__ sets the effective group ID of the current
27 process. If the caller is the superuser, the real and saved
28 group ID's are also set.
29
30
31 Under Linux, __setgid__ is implemented like the POSIX
32 version with the _POSIX_SAVED_IDS feature. This allows a
33 setgid (other than root) program to drop all of its group
34 privileges, do some un-privileged work, and then re-engage
35 the original effective group ID in a secure
36 manner.
37
38
39 If the user is root or the program is setgid root, special
40 care must be taken. The __setgid__ function checks the
41 effective gid of the caller and if it is the superuser, all
42 process related group ID's are set to ''gid''. After this
43 has occurred, it is impossible for the program to regain
44 root privileges.
45
46
47 Thus, a setgid-root program wishing to temporarily drop root
48 privileges, assume the identity of a non-root group, and
49 then regain root privileges afterwards cannot use
50 __setgid__. You can accomplish this with the (non-POSIX,
51 BSD) call __setegid__.
52 !!RETURN VALUE
53
54
55 On success, zero is returned. On error, -1 is returned, and
56 ''errno'' is set appropriately.
57 !!ERRORS
58
59
60 __EPERM__
61
62
63 The user is not the super-user, and ''gid'' does not
64 match the effective group ID or saved set-group-ID of the
65 calling process.
66 !!CONFORMING TO
67
68
69 SVr4, SVID.
70 !!SEE ALSO
71
72
73 getgid(2), setregid(2),
74 setegid(2)
75 ----
This page is a man page (or other imported legacy content). We are unable to automatically determine the license status of this page.