version 1, including all changes.
.
Rev |
Author |
# |
Line |
1 |
perry |
1 |
SETUID |
|
|
2 |
!!!SETUID |
|
|
3 |
NAME |
|
|
4 |
SYNOPSIS |
|
|
5 |
DESCRIPTION |
|
|
6 |
RETURN VALUE |
|
|
7 |
ERRORS |
|
|
8 |
CONFORMING TO |
|
|
9 |
LINUX-SPECIFIC REMARKS |
|
|
10 |
SEE ALSO |
|
|
11 |
---- |
|
|
12 |
!!NAME |
|
|
13 |
|
|
|
14 |
|
|
|
15 |
setuid - set user identity |
|
|
16 |
!!SYNOPSIS |
|
|
17 |
|
|
|
18 |
|
|
|
19 |
__#include __ |
|
|
20 |
#include __ |
|
|
21 |
|
|
|
22 |
|
|
|
23 |
__int setuid(uid_t__ ''uid''__)__ |
|
|
24 |
!!DESCRIPTION |
|
|
25 |
|
|
|
26 |
|
|
|
27 |
__setuid__ sets the effective user ID of the current |
|
|
28 |
process. If the effective userid of the caller is root, the |
|
|
29 |
real and saved user ID's are also set. |
|
|
30 |
|
|
|
31 |
|
|
|
32 |
Under Linux, __setuid__ is implemented like the POSIX |
|
|
33 |
version with the _POSIX_SAVED_IDS feature. This allows a |
|
|
34 |
setuid (other than root) program to drop all of its user |
|
|
35 |
privileges, do some un-privileged work, and then re-engage |
|
|
36 |
the original effective user ID in a secure |
|
|
37 |
manner. |
|
|
38 |
|
|
|
39 |
|
|
|
40 |
If the user is root or the program is setuid root, special |
|
|
41 |
care must be taken. The __setuid__ function checks the |
|
|
42 |
effective uid of the caller and if it is the superuser, all |
|
|
43 |
process related user ID's are set to ''uid''. After this |
|
|
44 |
has occurred, it is impossible for the program to regain |
|
|
45 |
root privileges. |
|
|
46 |
|
|
|
47 |
|
|
|
48 |
Thus, a setuid-root program wishing to temporarily drop root |
|
|
49 |
privileges, assume the identity of a non-root user, and then |
|
|
50 |
regain root privileges afterwards cannot use __setuid__. |
|
|
51 |
You can accomplish this with the (non-POSIX, BSD) call |
|
|
52 |
__seteuid__. |
|
|
53 |
!!RETURN VALUE |
|
|
54 |
|
|
|
55 |
|
|
|
56 |
On success, zero is returned. On error, -1 is returned, and |
|
|
57 |
''errno'' is set appropriately. |
|
|
58 |
!!ERRORS |
|
|
59 |
|
|
|
60 |
|
|
|
61 |
__EPERM__ |
|
|
62 |
|
|
|
63 |
|
|
|
64 |
The user is not the super-user, and ''uid'' does not |
|
|
65 |
match the real or saved user ID of the calling |
|
|
66 |
process. |
|
|
67 |
!!CONFORMING TO |
|
|
68 |
|
|
|
69 |
|
|
|
70 |
SVr4, SVID, POSIX.1. Not quite compatible with the 4.4BSD |
|
|
71 |
call, which sets all of the real, saved, and effective user |
|
|
72 |
IDs. SVr4 documents an additional EINVAL error |
|
|
73 |
condition. |
|
|
74 |
!!LINUX-SPECIFIC REMARKS |
|
|
75 |
|
|
|
76 |
|
|
|
77 |
Linux has the concept of filesystem user ID, normally equal |
|
|
78 |
to the effective user ID. The __setuid__ call also sets |
|
|
79 |
the filesystem user ID of the current process. See |
|
|
80 |
setfsuid(2). |
|
|
81 |
|
|
|
82 |
|
|
|
83 |
If ''uid'' is different from the old effective uid, the |
|
|
84 |
process will be forbidden from leaving core |
|
|
85 |
dumps. |
|
|
86 |
!!SEE ALSO |
|
|
87 |
|
|
|
88 |
|
|
|
89 |
getuid(2), setreuid(2), seteuid(2), |
|
|
90 |
setfsuid(2) |
|
|
91 |
---- |