Provided by: manpages-dev_4.04-2_all bug


       seteuid, setegid - set effective user or group ID


       #include <sys/types.h>
       #include <unistd.h>

       int seteuid(uid_t euid);
       int setegid(gid_t egid);

   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):

       seteuid(), setegid():
           _BSD_SOURCE || _POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600


       seteuid()  sets the effective user ID of the calling process.  Unprivileged user processes
       may only set the effective user ID to the real user ID, the effective user ID or the saved

       Precisely the same holds for setegid() with "group" instead of "user".


       On success, zero is returned.  On error, -1 is returned, and errno is set appropriately.

       Note:  there  are  cases  where  seteuid() can fail even when the caller is UID 0; it is a
       grave security error to omit checking for a failure return from seteuid().


       EINVAL The target user or group ID is not valid in this user namespace.

       EPERM  The calling process  is  not  privileged  (Linux:  does  not  have  the  CAP_SETUID
              capability  in  the  case of seteuid(), or the CAP_SETGID capability in the case of
              setegid()) and euid (respectively, egid) is not  the  real  user  (group)  ID,  the
              effective user (group) ID, or the saved set-user-ID (saved set-group-ID).


       POSIX.1-2001, POSIX.1-2008, 4.3BSD.


       Setting  the  effective  user  (group) ID to the saved set-user-ID (saved set-group-ID) is
       possible  since  Linux  1.1.37  (1.1.38).   On  an  arbitrary  system  one  should   check

       Under glibc 2.0 seteuid(euid) is equivalent to setreuid(-1, euid) and hence may change the
       saved set-user-ID.  Under glibc 2.1 and later it is equivalent to setresuid(-1, euid,  -1)
       and  hence  does  not change the saved set-user-ID.  Analogous remarks hold for setegid(),
       with the  difference  that  the  change  in  implementation  from  setregid(-1,  egid)  to
       setresgid(-1,  egid,  -1)  occurred  in  glibc  2.2  or  2.3  (depending  on  the hardware

       According to POSIX.1, seteuid() (setegid()) need not permit euid (egid)  to  be  the  same
       value  as  the  current  effective user (group) ID, and some implementations do not permit

   C library/kernel differences
       On Linux, seteuid()  and  setegid()  are  implemented  as  library  functions  that  call,
       respectively, setreuid(2) and setregid(2).


       geteuid(2),   setresuid(2),   setreuid(2),   setuid(2),  capabilities(7),  credentials(7),


       This page is part of release 4.04 of the Linux man-pages project.  A  description  of  the
       project,  information  about  reporting  bugs, and the latest version of this page, can be
       found at