The Linux Programming Interface > Process Credentials > Set-User-ID and Set-Group-ID Programs - Pg. : Safari Books Online

Table of Contents

Download Safari Books Online apps: Apple iOS | Android

Entire Site

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

This Book

The Linux Programming Interface

The Linux Programming Interface

Search

Contents

Praise for The Linux Programming Interface

Ch. 1. History and Standards

Ch. 2. Fundamental Concepts

Ch. 3. System Programming Concepts

Ch. 4. File I/O: The Universal I/O Model

Ch. 5. File I/O: Further Details

Ch. 6. Processes

Ch. 7. Memory Allocation

Ch. 8. Users and Groups

Ch. 9. Process Credentials

Real User ID and Real Group ID

Effective User ID and Effective Group ID

Set-User-ID and Set-Group-ID Programs

Saved Set-User-ID and Saved Set-Group-ID

File-System User ID and File-System Group ID

Supplementary Group IDs

Retrieving and Modifying Process Credentials

Ch. 11. System Limits and Options

Ch. 12. System and Process Information

Ch. 13. File I/O Buffering

Ch. 14. File Systems

Ch. 15. File Attributes

Ch. 16. Extended Attributes

Ch. 17. Access Control Lists

Ch. 18. Directories and Links

Ch. 19. Monitoring File Events

Ch. 20. Signals: Fundamental Concepts

Ch. 21. Signals: Signal Handlers

Ch. 22. Signals: Advanced Features

Ch. 23. Timers and Sleeping

Ch. 24. Process Creation

Ch. 25. Process Termination

Ch. 26. Monitoring Child Processes

Ch. 27. Program Execution

Ch. 28. Process Creation and Program Execution in More Detail

Ch. 29. Threads: Introduction

Ch. 30. Threads: Thread Synchronization

Ch. 31. Threads: Thread Safety and Per-Thread Storage

Ch. 32. Threads: Thread Cancellation

Ch. 33. Threads: Further Details

Ch. 34. Process Groups, Sessions, and Job Control

Ch. 35. Process Priorities and Scheduling

Ch. 36. Process Resources

Ch. 37. Daemons

Ch. 38. Writing Secure Privileged Programs

Ch. 39. Capabilities

Ch. 40. Login Accounting

Ch. 41. Fundamentals of Shared Libraries

Ch. 42. Advanced Features of Shared Libraries

Ch. 43. Interprocess Communication Overview

Ch. 44. Pipes and FIFOs

Ch. 45. Introduction to System V IPC

Ch. 46. System V Message Queues

Ch. 47. System V Semaphores

Ch. 48. System V Shared Memory

Ch. 49. Memory Mappings

Ch. 50. Virtual Memory Operations

Ch. 51. Introduction to POSIX IPC

Ch. 52. POSIX Message Queues

Ch. 53. POSIX Semaphores

Ch. 54. POSIX Shared Memory

Ch. 55. File Locking

Ch. 56. Sockets: Introduction

Ch. 57. Sockets: UNIX Domain

Ch. 58. Sockets: Fundamentals of TCP/IP Networks

Ch. 59. Sockets: Internet Domains

Ch. 60. Sockets: Server Design

Ch. 61. Sockets: Advanced Topics

Ch. 62. Terminals

Ch. 63. Alternative I/O Models

Ch. 64. Pseudoterminals

Appx. A. Tracing System Calls

Appx. B. Parsing Command-Line Options

Appx. C. Casting the NULL Pointer

Appx. D. Kernel Configuration

Appx. E. Further Sources of Information

Appx. F. Solutions to Selected Exercises

Appx. G. Updates

URL

Help

9.3. Set-User-ID and Set-Group-ID Programs

A set-user-ID program allows a process to gain privileges it would not normally have, by setting the process’s effective user ID to the same value as the user ID (owner) of the executable file. A set-group-ID program performs the analogous task for the process’s effective group ID. (The terms set-user-ID program and set-group-ID program are sometimes abbreviated as set-UID program and set-GID program.)

Like any other file, an executable program file has an associated user ID and group ID that define the ownership of the file. In addition, an executable file has two special permission bits: the set-user-ID and set-group-ID bits. (In fact, every file has these two permission bits, but it is their use with executable files that interests us here.) These permission bits are set using the chmod command. An unprivileged user can set these bits for files that they own. A privileged user (CAP_FOWNER) can set these bits for any file. Here’s an example:

You are currently reading a PREVIEW of this book.

Get instant access to over
$1 million worth of books and videos.

Start a Free Trial