1.\" $NetBSD: setuid.2,v 1.5 1997/07/14 23:20:15 kleink Exp $ 2.\" 3.\" Copyright (c) 1983, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" @(#)setuid.2 8.1 (Berkeley) 6/4/93 35.\" 36.Dd June 4, 1993 37.Dt SETUID 2 38.Os BSD 4.2 39.Sh NAME 40.Nm setuid , 41.Nm seteuid , 42.Nm setgid , 43.Nm setegid 44.Nd set user and group ID 45.Sh SYNOPSIS 46.Fd #include <sys/types.h> 47.Fd #include <unistd.h> 48.Ft int 49.Fn setuid "uid_t uid" 50.Ft int 51.Fn seteuid "uid_t euid" 52.Ft int 53.Fn setgid "gid_t gid" 54.Ft int 55.Fn setegid "gid_t egid" 56.Sh DESCRIPTION 57The 58.Fn setuid 59function 60sets the real and effective 61user IDs and the saved set-user-ID of the current process 62to the specified value. 63The 64.Fn setuid 65function is permitted if the specified ID is equal to the real user ID 66of the process, or if the effective user ID is that of the super user. 67.Pp 68The 69.Fn setgid 70function 71sets the real and effective 72group IDs and the saved set-group-ID of the current process 73to the specified value. 74The 75.Fn setgid 76function is permitted if the specified ID is equal to the real group ID 77of the process, or if the effective user ID is that of the super user. 78.Pp 79The 80.Fn seteuid 81function 82.Pq Fn setegid 83sets the effective user ID (group ID) of the 84current process. 85The effective user ID may be set to the value 86of the real user ID or the saved set-user-ID (see 87.Xr intro 2 88and 89.Xr execve 2 ) ; 90in this way, the effective user ID of a set-user-ID executable 91may be toggled by switching to the real user ID, then re-enabled 92by reverting to the set-user-ID value. 93Similarly, the effective group ID may be set to the value 94of the real group ID or the saved set-user-ID. 95.Pp 96.Sh RETURN VALUES 97Upon success, these functions return 0; 98otherwise \-1 is returned. 99.Pp 100If the user is not the super user, or the uid 101specified is not the real, effective ID, or saved ID, 102these functions return \-1. 103.Sh SEE ALSO 104.Xr getuid 2 , 105.Xr getgid 2 106.Sh STANDARDS 107The 108.Fn setuid 109and 110.Fn setgid 111functions are compliant with the 112.St -p1003.1-90 113specification with 114.Li _POSIX_SAVED_IDS 115not defined. 116We do not implement the 117.Li _POSIX_SAVED_IDS 118option as specified in the standard 119because this would make it impossible for a set-user-ID executable owned 120by a user other than the super-user to permanently revoke its privileges. 121.Pp 122The 123.Fn seteuid 124and 125.Fn setegid 126functions are extensions based on the 127.Tn POSIX 128concept of 129.Li _POSIX_SAVED_IDS , 130and have been proposed for a future revision of the standard. 131They provide the same feature of toggling effective IDs as 132.Li _POSIX_SAVED_IDS , 133but do so independent of the current effective 134ID, rather than requiring the super-user to permanently revoke its 135privileges. 136