xref: /xnu-11215.61.5/bsd/man/man2/setuid.2 (revision 4f1223e81cd707a65cc109d0b8ad6653699da3c4)

.\"	$NetBSD: setuid.2,v 1.3 1995/02/27 12:37:06 cgd Exp $
.\"
.\" Copyright (c) 1983, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\"    must display the following acknowledgement:
.\"	This product includes software developed by the University of
.\"	California, Berkeley and its contributors.
.\" 4. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\"     @(#)setuid.2	8.1 (Berkeley) 6/4/93
.\"
.Dd June 4, 1993
.Dt SETUID 2
.Os BSD 4.2
.Sh NAME
.Nm setegid ,
.Nm seteuid ,
.Nm setgid ,
.Nm setuid
.Nd set user and group ID
.Sh SYNOPSIS
.Fd #include <unistd.h>
.Ft int
.Fo setegid
.Fa "gid_t egid"
.Fc
.Ft int
.Fo seteuid
.Fa "uid_t euid"
.Fc
.Ft int
.Fo setgid
.Fa "gid_t gid"
.Fc
.Ft int
.Fo setuid
.Fa "uid_t uid"
.Fc
.Sh DESCRIPTION
The
.Fn setuid
function
sets the real and effective
user IDs and the saved set-user-ID of the current process
to the specified value.
The
.Fn setuid
function is permitted if the effective user ID is that of the super user,
or if the specified user ID is the same as the effective user ID.  If
not, but the specified user ID is the same as the real user ID,
.Fn setuid
will set the effective user ID to the real user ID.
.Pp
The
.Fn setgid
function
sets the real and effective
group IDs and the saved set-group-ID of the current process
to the specified value.
The
.Fn setgid
function is permitted if the effective user ID is that of the super user,
or if the specified group ID is the same as the effective group ID.  If
not, but the specified group ID is the same as the real group ID,
.Fn setgid
will set the effective group ID to the real group ID.
.Pp
The
.Fn seteuid
function
.Pq Fn setegid
sets the effective user ID (group ID) of the
current process.
The effective user ID may be set to the value
of the real user ID or the saved set-user-ID (see
.Xr intro 2
and
.Xr execve 2 ) ;
in this way, the effective user ID of a set-user-ID executable
may be toggled by switching to the real user ID, then re-enabled
by reverting to the set-user-ID value.
Similarly, the effective group ID may be set to the value
of the real group ID or the saved set-group-ID.
.Pp
.Sh RETURN VALUES
Upon success, these functions return 0;
otherwise \-1 is returned.
.Pp
If the user is not the super user, or the uid
specified is not the real, effective ID, or saved ID,
these functions return \-1.
.Pp
.Sh ERRORS
The
.Fn setegid ,
.Fn seteuid ,
.Fn setgid ,
and
.Fn setuid
system calls will fail if:
.Bl -tag -width Er
.\" ===========
.It Bq Er EINVAL
The value of the {group,user} ID argument is invalid
and is not supported by the implementation.
.\" ===========
.It Bq Er EPERM
The process does not have appropriate privileges and
the ID argument
does not match the real ID
or the saved set-{group,user}-ID.
.El
.Sh LEGACY SYNOPSIS
.Fd #include <sys/types.h>
.Fd #include <unistd.h>
.Pp
The include file
.In sys/types.h
is necessary for all functions.
.Sh SEE ALSO
.Xr getgid 2 ,
.Xr getuid 2 ,
.Xr compat 5
.Sh STANDARDS
The
.Fn setuid
and
.Fn setgid
functions are compliant with the
.St -p1003.1-90
specification with
.Li _POSIX_SAVED_IDS
defined, with the extensions allowed in section B.4.2.2.
The
.Fn seteuid
and
.Fn setegid
functions are extensions based on the
.Tn POSIX
concept of
.Li _POSIX_SAVED_IDS ,
and have been proposed for a future revision of the standard.