Computer Science
SETUID(2) Linux Programmer's Manual SETUID(2)
NAME
setuid - set user identity
SYNOPSIS
#include <unistd.h>
int setuid(uid_t uid)
DESCRIPTION
setuid sets the effective user ID of the current process.
If the effective userid of the caller is root, the real
and saved user ID's are also set.
Under Linux, setuid is implemented like the POSIX version
with the _POSIX_SAVED_IDS feature. This allows a setuid
(other than root) program to drop all of its user privi-
leges, do some un-privileged work, and then re-engage the
original effective user ID in a secure manner.
If the user is root or the program is setuid root, special
care must be taken. The setuid function checks the effec-
tive uid of the caller and if it is the superuser, all
process related user ID's are set to uid. After this has
occurred, it is impossible for the program to regain root
privileges.
Thus, a setuid-root program wishing to temporarily drop
root privileges, assume the identity of a non-root user,
and then regain root privileges afterwards cannot use
setuid. You can accomplish this with the (non-POSIX, BSD)
call seteuid.
RETURN VALUE
On success, zero is returned. On error, -1 is returned,
and errno is set appropriately.
ERRORS
EPERM The user is not the super-user, and uid does not
match the effective or saved user ID of the calling
process.
CONFORMING TO
SVr4, SVID, POSIX.1. Not quite compatible with the 4.4BSD
call, which sets all of the real, saved, and effective
user IDs. SVr4 documents an additional EINVAL error con-
dition.
LINUX-SPECIFIC REMARKS
Linux has the concept of filesystem user ID, normally
equal to the effective user ID. The setuid call also sets
the filesystem user ID of the current process. See setf-
suid(2).
If uid is different from the old effective uid, the pro-
cess will be forbidden from leaving core dumps.
SEE ALSO
getuid(2), setreuid(2), seteuid(2), setfsuid(2)
Linux 1.1.36 29 July 1994 1
Back to the index
