Manpages

Manpage of SETGID

SETGID

Section: Linux Programmer's Manual (2)
Updated: 1994-07-29
Index
Return to Main Contents
 

NAME

setgid - set group identity  

SYNOPSIS

#include <sys/types.h>
#include <unistd.h>

int setgid(gid_t gid)  

DESCRIPTION

setgid sets the effective group ID of the current process. If the caller is the superuser, the real and saved group ID's are also set.

Under Linux, setgid is implemented like the POSIX version with the _POSIX_SAVED_IDS feature. This allows a setgid (other than root) program to drop all of its group privileges, do some un-privileged work, and then re-engage the original effective group ID in a secure manner.

If the user is root or the program is setgid root, special care must be taken. The setgid function checks the effective gid of the caller and if it is the superuser, all process related group ID's are set to gid. After this has occurred, it is impossible for the program to regain root privileges.

Thus, a setgid-root program wishing to temporarily drop root privileges, assume the identity of a non-root group, and then regain root privileges afterwards cannot use setgid. You can accomplish this with the (non-POSIX, BSD) call setegid.  

RETURN VALUE

On success, zero is returned. On error, -1 is returned, and errno is set appropriately.  

ERRORS

EPERM
The user is not the super-user, and gid does not match the effective group ID or saved set-group-ID of the calling process.
 

CONFORMING TO

SVr4, SVID.  

SEE ALSO

getgid(2), setregid(2), setegid(2)


 

Index

NAME
SYNOPSIS
DESCRIPTION
RETURN VALUE
ERRORS
CONFORMING TO
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 15:21:13 GMT, July 17, 2018