OpenBSD manual page server

Manual Page Search Parameters

SETUID(2) System Calls Manual SETUID(2)

setuid, seteuid, setgid, setegidset user and group ID

#include <unistd.h>

int
setuid(uid_t uid);

int
seteuid(uid_t euid);

int
setgid(gid_t gid);

int
setegid(gid_t egid);

The () function sets the real and effective user IDs and the saved set-user-ID of the current process to the specified value. The setuid() function is permitted if the effective user ID is that of the superuser, or if the specified user ID is the same as the effective user ID. If not, but the specified user ID is the same as the real user ID, setuid() will set the effective user ID to the real user ID.

The () function sets the real and effective group IDs and the saved set-group-ID of the current process to the specified value. The setgid() function is permitted if the effective user ID is that of the superuser, or if the specified group ID is the same as the effective group ID. If not, but the specified group ID is the same as the real group ID, setgid() will set the effective group ID to the real group ID. Supplementary group IDs remain unchanged.

The () function (()) sets the effective user ID (group ID) of the current process. The effective user ID may be set to the value of the real user ID or the saved set-user-ID (see intro(2) and execve(2)); in this way, the effective user ID of a set-user-ID executable may be toggled by switching to the real user ID, then re-enabled by reverting to the set-user-ID value. Similarly, the effective group ID may be set to the value of the real group ID or the saved set-group-ID.

The setuid(), seteuid(), setgid(), and setegid() functions return the value 0 if successful; otherwise the value -1 is returned and the global variable errno is set to indicate the error.

setuid() and seteuid() will succeed unless:

[]
The user is not the superuser and the requested uid or euid is not the process's real, effective, or saved UID.

setgid() and setegid() will succeed unless:

[]
The user is not the superuser and the requested gid or egid is not the process's real, effective, or saved GID.

getgid(2), getuid(2), issetugid(2), setgroups(2), setregid(2), setresgid(2), setresuid(2), setreuid(2)

The setuid(), seteuid(), setgid(), and setegid() functions conform to IEEE Std 1003.1-2008 (“POSIX.1”).

The setuid() system call first appeared in Version 1 AT&T UNIX; setgid() in Version 4 AT&T UNIX; and seteuid() and setegid() in 4.2BSD.

September 9, 2014 OpenBSD-current