diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-24 04:52:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-24 04:52:22 +0000 |
commit | 3d08cd331c1adcf0d917392f7e527b3f00511748 (patch) | |
tree | 312f0d1e1632f48862f044b8bb87e602dcffb5f9 /man2/setuid.2 | |
parent | Adding debian version 6.7-2. (diff) | |
download | manpages-3d08cd331c1adcf0d917392f7e527b3f00511748.tar.xz manpages-3d08cd331c1adcf0d917392f7e527b3f00511748.zip |
Merging upstream version 6.8.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'man2/setuid.2')
-rw-r--r-- | man2/setuid.2 | 156 |
1 files changed, 0 insertions, 156 deletions
diff --git a/man2/setuid.2 b/man2/setuid.2 deleted file mode 100644 index e9a283e..0000000 --- a/man2/setuid.2 +++ /dev/null @@ -1,156 +0,0 @@ -.\" Copyright (C), 1994, Graeme W. Wilford (Wilf). -.\" and Copyright (C) 2010, 2014, 2015, Michael Kerrisk <mtk.manpages@gmail.com> -.\" -.\" SPDX-License-Identifier: Linux-man-pages-copyleft -.\" -.\" Fri Jul 29th 12:56:44 BST 1994 Wilf. <G.Wilford@ee.surrey.ac.uk> -.\" Changes inspired by patch from Richard Kettlewell -.\" <richard@greenend.org.uk>, aeb 970616. -.\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com> -.\" Added notes on capability requirements -.TH setuid 2 2023-10-31 "Linux man-pages 6.7" -.SH NAME -setuid \- set user identity -.SH LIBRARY -Standard C library -.RI ( libc ", " \-lc ) -.SH SYNOPSIS -.nf -.B #include <unistd.h> -.P -.BI "int setuid(uid_t " uid ); -.fi -.SH DESCRIPTION -.BR setuid () -sets the effective user ID of the calling process. -If the calling process is privileged -(more precisely: if the process has the -.B CAP_SETUID -capability in its user namespace), -the real UID and saved set-user-ID are also set. -.P -Under Linux, -.BR setuid () -is implemented like the POSIX version with the -.B _POSIX_SAVED_IDS -feature. -This allows a set-user-ID (other than root) program to drop all of its user -privileges, do some un-privileged work, and then reengage the original -effective user ID in a secure manner. -.P -If the user is root or the program is set-user-ID-root, special care must be -taken: -.BR setuid () -checks the effective user ID of the caller and if it is -the superuser, all process-related user ID's are set to -.IR uid . -After this has occurred, it is impossible for the program to regain root -privileges. -.P -Thus, a set-user-ID-root program wishing to temporarily drop root -privileges, assume the identity of an unprivileged user, and then regain -root privileges afterward cannot use -.BR setuid (). -You can accomplish this with -.BR seteuid (2). -.SH RETURN VALUE -On success, zero is returned. -On error, \-1 is returned, and -.I errno -is set to indicate the error. -.P -.IR Note : -there are cases where -.BR setuid () -can fail even when the caller is UID 0; -it is a grave security error to omit checking for a failure return from -.BR setuid (). -.SH ERRORS -.TP -.B EAGAIN -The call would change the caller's real UID (i.e., -.I uid -does not match the caller's real UID), -but there was a temporary failure allocating the -necessary kernel data structures. -.TP -.B EAGAIN -.I uid -does not match the real user ID of the caller and this call would -bring the number of processes belonging to the real user ID -.I uid -over the caller's -.B RLIMIT_NPROC -resource limit. -Since Linux 3.1, this error case no longer occurs -(but robust applications should check for this error); -see the description of -.B EAGAIN -in -.BR execve (2). -.TP -.B EINVAL -The user ID specified in -.I uid -is not valid in this user namespace. -.TP -.B EPERM -The user is not privileged (Linux: does not have the -.B CAP_SETUID -capability in its user namespace) and -.I uid -does not match the real UID or saved set-user-ID of the calling process. -.SH VERSIONS -.SS C library/kernel differences -At the kernel level, user IDs and group IDs are a per-thread attribute. -However, POSIX requires that all threads in a process -share the same credentials. -The NPTL threading implementation handles the POSIX requirements by -providing wrapper functions for -the various system calls that change process UIDs and GIDs. -These wrapper functions (including the one for -.BR setuid ()) -employ a signal-based technique to ensure -that when one thread changes credentials, -all of the other threads in the process also change their credentials. -For details, see -.BR nptl (7). -.SH STANDARDS -POSIX.1-2008. -.SH HISTORY -POSIX.1-2001, SVr4. -.P -Not quite compatible with the 4.4BSD call, which -sets all of the real, saved, and effective user IDs. -.\" SVr4 documents an additional EINVAL error condition. -.P -The original Linux -.BR setuid () -system call supported only 16-bit user IDs. -Subsequently, Linux 2.4 added -.BR setuid32 () -supporting 32-bit IDs. -The glibc -.BR setuid () -wrapper function transparently deals with the variation across kernel versions. -.SH NOTES -Linux has the concept of the filesystem user ID, normally equal to the -effective user ID. -The -.BR setuid () -call also sets the filesystem user ID of the calling process. -See -.BR setfsuid (2). -.P -If -.I uid -is different from the old effective UID, the process will -be forbidden from leaving core dumps. -.SH SEE ALSO -.BR getuid (2), -.BR seteuid (2), -.BR setfsuid (2), -.BR setreuid (2), -.BR capabilities (7), -.BR credentials (7), -.BR user_namespaces (7) |