NAME

       uid_wrapper - A wrapper to fake privilege separation

SYNOPSIS

       LD_PRELOAD=libuid_wrapper.so UID_WRAPPER=1 UID_WRAPPER_ROOT=1 ./myapplication

DESCRIPTION

       •   Allows uid switching as a normal user.

       •   Start any application making it believe it is running as root.

       •   Support for user/group changing in the local thread using the syscalls (like glibc).

       •   More precisely this library intercepts seteuid and related calls, and simulates them in a manner
           similar to the nss_wrapper and socket_wrapper libraries.

       Some projects like a file server need privilege separation to be able to switch to the connection user
       and do file operations. uid_wrapper convincingly lies to the application letting it believe it is
       operating as root and even switching between UIDs and GIDs as needed.

ENVIRONMENT VARIABLES

       UID_WRAPPER
           If you load the uid_wrapper and enable it with setting UID_WRAPPER=1 all setuid and setgid will work,
           even as a normal user.

       UID_WRAPPER_ROOT
           It is possible to start your application as fake root with setting UID_WRAPPER_ROOT=1.

       UID_WRAPPER_DEBUGLEVEL
           If you need to see what is going on in uid_wrapper itself or try to find a bug, you can enable
           logging support in uid_wrapper if you built it with debug symbols.

           •   0 = ERROR

           •   1 = WARNING

           •   2 = DEBUG

           •   3 = TRACE

EXAMPLE

           $ LD_PRELOAD=libuid_wrapper.so UID_WRAPPER=1 UID_WRAPPER_ROOT=1 id
           uid=0(root) gid=0(root) groups=100(users),0(root)

                                                   2014-07-11                                     UID_WRAPPER(1)