1.\" $NetBSD: setuid.2,v 1.8 1999/12/28 02:51:17 mjl Exp $ 2.\" 3.\" Copyright (c) 1983, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" @(#)setuid.2 8.1 (Berkeley) 6/4/93 35.\" 36.Dd June 4, 1993 37.Dt SETUID 2 38.Os 39.Sh NAME 40.Nm setuid , 41.Nm seteuid , 42.Nm setgid , 43.Nm setegid 44.Nd set user and group ID 45.Sh LIBRARY 46.Lb libc 47.Sh SYNOPSIS 48.Fd #include <sys/types.h> 49.Fd #include <unistd.h> 50.Ft int 51.Fn setuid "uid_t uid" 52.Ft int 53.Fn seteuid "uid_t euid" 54.Ft int 55.Fn setgid "gid_t gid" 56.Ft int 57.Fn setegid "gid_t egid" 58.Sh DESCRIPTION 59The 60.Fn setuid 61function 62sets the real and effective 63user IDs and the saved set-user-ID of the current process 64to the specified value. 65The 66.Fn setuid 67function is permitted if the specified ID is equal to the real user ID 68of the process, or if the effective user ID is that of the super user. 69.Pp 70The 71.Fn setgid 72function 73sets the real and effective 74group IDs and the saved set-group-ID of the current process 75to the specified value. 76The 77.Fn setgid 78function is permitted if the specified ID is equal to the real group ID 79of the process, or if the effective user ID is that of the super user. 80.Pp 81The 82.Fn seteuid 83function 84.Pq Fn setegid 85sets the effective user ID (group ID) of the 86current process. 87The effective user ID may be set to the value 88of the real user ID or the saved set-user-ID (see 89.Xr intro 2 90and 91.Xr execve 2 ) ; 92in this way, the effective user ID of a set-user-ID executable 93may be toggled by switching to the real user ID, then re-enabled 94by reverting to the set-user-ID value. 95Similarly, the effective group ID may be set to the value 96of the real group ID or the saved set-group-ID. 97.Pp 98.Sh RETURN VALUES 99Upon success, these functions return 0; 100otherwise \-1 is returned. 101.Pp 102If the user is not the super user, or the uid 103specified is not the real, effective ID, or saved ID, 104these functions return \-1. 105.Sh SEE ALSO 106.Xr getuid 2 , 107.Xr getgid 2 108.Sh STANDARDS 109The 110.Fn setuid 111and 112.Fn setgid 113functions are compliant with the 114.St -p1003.1-90 115specification with 116.Li _POSIX_SAVED_IDS 117not defined. 118We do not implement the 119.Li _POSIX_SAVED_IDS 120option as specified in the standard 121because this would make it impossible for a set-user-ID executable owned 122by a user other than the super-user to permanently revoke its privileges. 123.Pp 124The 125.Fn seteuid 126and 127.Fn setegid 128functions are extensions based on the 129.Tn POSIX 130concept of 131.Li _POSIX_SAVED_IDS , 132and have been proposed for a future revision of the standard. 133They provide the same feature of toggling effective IDs as 134.Li _POSIX_SAVED_IDS , 135but do so independent of the current effective 136ID, rather than requiring the super-user to permanently revoke its 137privileges. 138