libc/sys/setuid.2

.\"	$NetBSD: setuid.2,v 1.22 2010/04/05 07:44:28 wiz Exp $
.\"
.\" Copyright (c) 1983, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     @(#)setuid.2	8.1 (Berkeley) 6/4/93
.\"
.Dd April 3, 2010
.Dt SETUID 2
.Os
.Sh NAME
.Nm setuid ,
.Nm seteuid ,
.Nm setgid ,
.Nm setegid
.Nd set user and group ID
.Sh LIBRARY
.Lb libc
.Sh SYNOPSIS
.In unistd.h
.Ft int
.Fn setuid "uid_t uid"
.Ft int
.Fn seteuid "uid_t euid"
.Ft int
.Fn setgid "gid_t gid"
.Ft int
.Fn setegid "gid_t egid"
.Sh DESCRIPTION
The
.Fn setuid
function
sets the real and effective
user IDs and the saved set-user-ID of the current process
to the specified value.
The
.Fn setuid
function is permitted if the specified ID is equal to the real user ID
of the process, or if the effective user ID is that of the super user.
.Pp
The
.Fn setgid
function
sets the real and effective
group IDs and the saved set-group-ID of the current process
to the specified value.
The
.Fn setgid
function is permitted if the specified ID is equal to the real group ID
of the process, or if the effective user ID is that of the super user.
Supplementary group IDs remain unchanged.
.Pp
The
.Fn seteuid
function
.Pq Fn setegid
sets the effective user ID (group ID) of the
current process.
The effective user ID may be set to the value
of the real user ID or the saved set-user-ID (see
.Xr intro 2
and
.Xr execve 2 ) ;
in this way, the effective user ID of a set-user-ID executable
may be toggled by switching to the real user ID, then re-enabled
by reverting to the set-user-ID value.
Similarly, the effective group ID may be set to the value
of the real group ID or the saved set-group-ID.
.Sh RETURN VALUES
Upon success, these functions return 0;
otherwise \-1 is returned.
.Pp
If the user is not the super user, or the uid
specified is not the real, effective ID, or saved ID,
these functions return \-1.
.Sh SEE ALSO
.Xr getgid 2 ,
.Xr getgroups 2 ,
.Xr getuid 2
.Sh STANDARDS
The
.Fn setuid
and
.Fn setgid
functions are compliant with the
.St -p1003.1-90
specification with
.Li _POSIX_SAVED_IDS
not defined.
We do not implement the
.Li _POSIX_SAVED_IDS
option as specified in the standard
because this would make it impossible for a set-user-ID executable owned
by a user other than the super-user to permanently revoke its privileges.
.Pp
The
.Fn seteuid
and
.Fn setegid
functions are compliant with
.St -p1003.1-2001 .
.Sh HISTORY
The
.Fn setuid
and
.Fn setgid
functions appeared in
.At v2
and
.At v4 ,
respectively.