setuid(2)setuid(2)NAMEsetuid(), setgid() - set user and group IDs
SYNOPSISDESCRIPTION
sets the real-user-ID (ruid), effective-user-ID (euid), and/or saved-
user-ID (suid) of the calling process. If the Security Containment
product is installed, these interfaces treat a process observing as a
privileged process. Otherwise, only processes with an euid of zero are
treated as privileged processes. See privileges(5) for more informa‐
tion on Security Containment and fine-grained privileges.
The following conditions govern setuid's behavior:
· If the process is privileged, sets the ruid, euid, and suid
to uid.
· If the process is not privileged and the argument uid is
equal to the ruid or the suid, sets the euid to uid; the ruid
and suid remain unchanged. (If a set-user-ID program is not
running as superuser, it can change its euid to match its
ruid and reset itself to the previous euid value.)
· If the process is not privileged, the argument uid is equal
to the euid, and the calling process has the privilege, sets
the ruid to uid; the euid and suid remain unchanged.
sets the real-group-ID (rgid), effective-group-ID (egid), and/or saved-
group-ID (sgid) of the calling process. The following conditions gov‐
ern behavior:
· If the process is privileged, sets the rgid and egid to gid.
· If the process is not privileged and the argument gid is
equal to the rgid or the sgid, sets the egid to gid; the rgid
and sgid remain unchanged.
· If the process is not privileged, the argument gid is equal
to the egid, and the calling process has the privilege, sets
the rgid to gid; the egid and sgid remain unchanged.
Security Restrictions
Some or all of the actions associated with this system call require the
privilege. Processes owned by the superuser have this privilege. Pro‐
cesses owned by other users may have this privilege, depending on sys‐
tem configuration.
See privileges(5) for more information about privileged access on sys‐
tems that support fine-grained privileges.
RETURN VALUE
Upon successful completion, and return 0; otherwise, they return −1 and
set to indicate the error.
ERRORS
and fail and return −1 if any of the following conditions are encoun‐
tered:
None of the conditions above are met.
uid (gid) is not a valid user (group) ID.
WARNINGS
It is recommended that the capability be avoided, as it is provided for
backward compatibility. This feature may be modified or dropped from
future HP-UX releases. When changing the real user ID and real group
ID, use of and (see setresuid(2)) is recommended instead.
AUTHOR
was developed by AT&T, the University of California, Berkeley, and HP.
was developed by AT&T.
SEE ALSOexec(2), getuid(2), setresuid(2), privileges(5).
STANDARDS CONFORMANCEsetuid(2)