SETUID(2) System Calls Manual SETUID(2)NAME
setuid, setgid - set user or group ID's
SYNOPSIS
#include <sys/types.h>
int setuid(uid_t uid)
int setgid(gid_t gid)
DESCRIPTION
Setuid sets the real and effective user ID's of the current process to uid. Unprivileged users may only change both user ID's to the real
user ID; only the super-user may make other changes. Setgid does the same for the real and effective group ID's.
Minix-vmd allows an unprivileged user to change ID's to the original real or effective ID as they were at the time the process was exe-
cuted. Setgid may also set the group ID's to any of the additional group ID's. If one of the remembered user ID's was 0 then any user or
group ID may be chosen.
RETURN VALUE
Upon successful completion, a value of 0 is returned. Otherwise, a value of -1 is returned and errno is set to indicate the error.
ERRORS
[EPERM] The current process is not the super-user and a change other than one of the allowed changes was attempted.
SEE ALSO getuid(2), getgid(2).
4th Berkeley Distribution May 9, 1985 SETUID(2)
Check Out this Related Man Page
SETUID(2) BSD System Calls Manual SETUID(2)NAME
setuid, seteuid, setgid, setegid -- set user and group ID
SYNOPSIS
#include <sys/types.h>
#include <unistd.h>
int
setuid(uid_t uid);
int
seteuid(uid_t euid);
int
setgid(gid_t gid);
int
setegid(gid_t egid);
DESCRIPTION
The setuid() function sets the real and effective user IDs and the saved set-user-ID of the current process to the specified value. The
setuid() function is permitted if the effective user ID is that of the super user, or if the specified user ID is the same as the effective
user ID. If not, but the specified user ID is the same as the real user ID, setuid() will set the effective user ID to the real user ID.
The setgid() function sets the real and effective group IDs and the saved set-group-ID of the current process to the specified value. The
setgid() function is permitted if the effective user ID is that of the super user, or if the specified group ID is the same as the effective
group ID. If not, but the specified group ID is the same as the real group ID, setgid() will set the effective group ID to the real group
ID.
The seteuid() function (setegid()) sets the effective user ID (group ID) of the current process. The effective user ID may be set to the
value of the real user ID or the saved set-user-ID (see intro(2) and execve(2)); in this way, the effective user ID of a set-user-ID exe-
cutable may be toggled by switching to the real user ID, then re-enabled by reverting to the set-user-ID value. Similarly, the effective
group ID may be set to the value of the real group ID or the saved set-user-ID.
RETURN VALUES
Upon success, these functions return 0; otherwise -1 is returned.
If the user is not the super user, or the uid specified is not the real, effective ID, or saved ID, these functions return -1.
SEE ALSO getuid(2), getgid(2)STANDARDS
The setuid() and setgid() functions are compliant with the ISO/IEC 9945-1:1990 (``POSIX.1'') specification with _POSIX_SAVED_IDS defined,
with the extensions allowed in section B.4.2.2. The seteuid() and setegid() functions are extensions based on the POSIX concept of
_POSIX_SAVED_IDS, and have been proposed for a future revision of the standard.
4.2 Berkeley Distribution June 4, 1993 4.2 Berkeley Distribution
I would like to give execution rights for a script to one user. (that's the easy part...)
When that user is running the script, I would like the effective user ID to be that of the file-owner. Is this possible? (6 Replies)
I am trying to run chown and chmod from a script owned by root. The permissions are set to 4755 so that users can execute the script as root. However, when I run the script as a user other than root, I get "Operation not permitted" for both chown and chmod. Any ideas as to why this is? (6 Replies)
Hi,
I have a program with the following suid setup
-rwsr-sr-x 1 root other 653 Aug 16 17:00 restart_server
It basically starts up a service that has to be started by root. I just want the normal users to be able to restart the service using the script above.
But when the... (7 Replies)
hi all,
i have a critical and specific problem with respect to set uid bit on user and the dll's
for a binary, (under the userid A)
it needs libraries from /usr/lib and informix libraries from $INFORMIXDIR/lib/esql
but this binary should be kicked off from id B,
hence s-bit on user is... (5 Replies)
Guy's
I'm trying to add some lines in sudo by useing this command visudo
# User privilege specification
root ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel ALL=(ALL) ALL
# Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL
#... (5 Replies)
Hi All,
How to prevent root user from doing setuid().
In otherwords, if the root(any user) is trying to do setuid in a program it should fail. (5 Replies)
According to Security standards given in
https://www.stanford.edu/dept/as/ia/security/policies_standards/AS_standards/RH_linux_prod_sec_std_1.0.1.html
Being a production system i want to implement the same on our server.
but when i tried finding other files i got following output.
# ls... (5 Replies)
Hi,
OS : Linux
I have an executable (P1) owned by user say "abcd" and the setuid bit is set. And there is another executable (P2) which brings up the process (P1).
When the setuid bit is set, the process P1 is failing, if the setuid bit is not set there is no issue.
I was wondering if... (6 Replies)
Hi Gurus,
I need your suggestions,to implement setuid.
Here is the situation. I have a user xyz on a solaris zone.He needs to install a package using a pkgadd command but i guess only a root can run that .Is there any way I can set the setuid bit on the pkgadd which is in the location... (6 Replies)
Dear all,
I am newbie with linux, i dont understand any code. I have googled a long time. Please help me explain about setuid bit on linux (Centos 6)
Here:
1/ I chmod u+s for /sbin/iptables but normal user still cannot perform command (ex: /sbin/iptables -L)
2/Someone says : setuid only... (6 Replies)
While I was looking for tips for hardening the security of my MAC OSX I found the following posting:
"<How to disable Setuid and Setgid Binaries >
Setuid programs run with the privileges of the file's owner
(which is often root), no matter which user executes them.
Bugs in these programs... (6 Replies)
Hi,
I have the following 3 test files to test setuid bit which if it works I would like to implement in our application. However setuid doesnot seem to be having any impact on my test below.Following are the 3 files of interest in /tmp/ folder.
$ ls -ltr *env*
-rw------- 1 g332008 users 6... (23 Replies)
I have a user AAA who's who is part of a group call clserv and techsupp, His userfiles have the following permissions:-
drwxrwx--- 16 AAA clserv 1858 Aug 22 12:48 UserFiles
he has a link in his UserFiles/
lrwxrwxrwx 1 root root 36 Mar 9 2013 TECHSUPP_GLOBAL... (5 Replies)
I'm trying - as an ordinary user - to create a file in the root directory of my system. For that purpose I wrote a simple script that echoes a string into a file. I made the file executable, used sudo to change ownership to root. Like this:
$ cat hello
#!/bin/bash
echo hello > /hello
$... (5 Replies)