SETGID(2)           Linux Programmer's Manual           SETGID(2)

NAME
       setgid - set group identity

SYNOPSIS
       #include <unistd.h>

       int setgid(gid_t gid)

DESCRIPTION
       setgid sets the effective group ID of the current process.
       If the caller is the superuser, the real and  saved  group
       ID's are also set.

       Under  Linux, setgid is implemented like the POSIX version
       with the _POSIX_SAVED_IDS feature.  This allows  a  setgid
       (other  than root) program to drop all of its group privi-
       leges, do some un-privileged work, and then re-engage  the
       original effective group ID in a secure manner.

       If the user is root or the program is setgid root, special
       care must be taken. The setgid function checks the  effec-
       tive  gid  of  the  caller and if it is the superuser, all
       process related group ID's are set to gid.  After this has
       occurred,  it is impossible for the program to regain root
       privileges.

       Thus, a setgid-root program wishing  to  temporarily  drop
       root  privileges, assume the identity of a non-root group,
       and then regain root privileges afterwards cannot use set-
       gid.   You  can  accomplish this with the (non-POSIX, BSD)
       call setegid.

RETURN VALUE
       On success, zero is returned.  On error, -1  is  returned,
       and errno is set appropriately.

ERRORS
       EPERM   The  user  is not the super-user, and gid does not
               match the effective or saved group ID of the call-
               ing process.

CONFORMING TO
       SVr4, SVID.

SEE ALSO
       getgid(2), setregid(2), setegid(2)

Linux 1.1.36               29 July 1994                         1