Provided by: manpages-dev_4.04-2_all bug

NAME
       seteuid, setegid - set effective user or group ID


SYNOPSIS
       #include <sys/types.h>
       #include <unistd.h>

       int seteuid(uid_t euid);
       int setegid(gid_t egid);

   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):

       seteuid(), setegid():
           _BSD_SOURCE || _POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600


DESCRIPTION
       seteuid()  sets  the  effective user ID of the calling process.  Unprivileged user processes may only set
       the effective user ID to the real user ID, the effective user ID or the saved set-user-ID.

       Precisely the same holds for setegid() with "group" instead of "user".


RETURN VALUE
       On success, zero is returned.  On error, -1 is returned, and errno is set appropriately.

       Note: there are cases where seteuid() can fail even when the caller is UID 0;  it  is  a  grave  security
       error to omit checking for a failure return from seteuid().


ERRORS
       EINVAL The target user or group ID is not valid in this user namespace.

       EPERM  The  calling process is not privileged (Linux: does not have the CAP_SETUID capability in the case
              of seteuid(), or the CAP_SETGID capability in the case of setegid()) and euid (respectively, egid)
              is not the real user (group) ID, the effective user (group) ID, or the  saved  set-user-ID  (saved
              set-group-ID).


CONFORMING TO
       POSIX.1-2001, POSIX.1-2008, 4.3BSD.


NOTES
       Setting  the  effective  user  (group) ID to the saved set-user-ID (saved set-group-ID) is possible since
       Linux 1.1.37 (1.1.38).  On an arbitrary system one should check _POSIX_SAVED_IDS.

       Under glibc 2.0 seteuid(euid) is equivalent to setreuid(-1, euid) and hence may  change  the  saved  set-
       user-ID.  Under glibc 2.1 and later it is equivalent to setresuid(-1, euid, -1) and hence does not change
       the  saved  set-user-ID.   Analogous  remarks  hold for setegid(), with the difference that the change in
       implementation from setregid(-1, egid) to setresgid(-1, egid, -1) occurred in glibc 2.2 or 2.3 (depending
       on the hardware architecture).

       According to POSIX.1, seteuid() (setegid()) need not permit euid (egid) to  be  the  same  value  as  the
       current effective user (group) ID, and some implementations do not permit this.

   C library/kernel differences
       On  Linux,  seteuid()  and  setegid()  are  implemented  as  library  functions  that call, respectively,
       setreuid(2) and setregid(2).


SEE ALSO
       geteuid(2), setresuid(2), setreuid(2), setuid(2), capabilities(7), credentials(7), user_namespaces(7)


COLOPHON
       This page is part of release 4.04 of  the  Linux  man-pages  project.   A  description  of  the  project,
       information   about   reporting   bugs,   and   the  latest  version  of  this  page,  can  be  found  at
       http://www.kernel.org/doc/man-pages/.

Linux                                              2015-07-23                                         SETEUID(2)