|
|
Sponsored Content
Operating Systems
Solaris
Solaris BigAdmin RSS
Solaris tip of the week: Use RBAC to grant fine-grained security privilege to non-pri
Post 302241875 by Linux Bot on Tuesday 30th of September 2008 01:50:04 PM
09-30-2008
|
|
We Also Found This Discussion For You
1. AIX
I'm working with the audit system on aix 5.1 and 5.3 . But after lots of googling and RTFM, I can't figure out how to audit all files in a given directory rather than specifying each file individually like /etc. And how can I exclude a directory such as /var/tmp so I don't get records for every... (0 Replies)
Discussion started by: vaporlock
0 Replies
LEARN ABOUT HPUX
setuid
setuid(2) System Calls Manual setuid(2) NAME
setuid(), setgid() - set user and group IDs SYNOPSIS
DESCRIPTION
sets the real-user-ID (ruid), effective-user-ID (euid), and/or saved-user-ID (suid) of the calling process. If the Security Containment product is installed, these interfaces treat a process observing as a privileged process. Otherwise, only processes with an euid of zero are treated as privileged processes. See privileges(5) for more information on Security Containment and fine-grained privileges. The following conditions govern setuid's behavior: o If the process is privileged, sets the ruid, euid, and suid to uid. o If the process is not privileged and the argument uid is equal to the ruid or the suid, sets the euid to uid; the ruid and suid remain unchanged. (If a set-user-ID program is not running as superuser, it can change its euid to match its ruid and reset itself to the previous euid value.) o If the process is not privileged, the argument uid is equal to the euid, and the calling process has the privilege, sets the ruid to uid; the euid and suid remain unchanged. sets the real-group-ID (rgid), effective-group-ID (egid), and/or saved-group-ID (sgid) of the calling process. The following conditions govern behavior: o If the process is privileged, sets the rgid and egid to gid. o If the process is not privileged and the argument gid is equal to the rgid or the sgid, sets the egid to gid; the rgid and sgid remain unchanged. o If the process is not privileged, the argument gid is equal to the egid, and the calling process has the privilege, sets the rgid to gid; the egid and sgid remain unchanged. Security Restrictions Some or all of the actions associated with this system call require the privilege. Processes owned by the superuser have this privilege. Processes owned by other users may have this privilege, depending on system configuration. See privileges(5) for more information about privileged access on systems that support fine-grained privileges. RETURN VALUE
Upon successful completion, and return 0; otherwise, they return -1 and set to indicate the error. ERRORS
and fail and return -1 if any of the following conditions are encountered: None of the conditions above are met. uid (gid) is not a valid user (group) ID. WARNINGS
It is recommended that the capability be avoided, as it is provided for backward compatibility. This feature may be modified or dropped from future HP-UX releases. When changing the real user ID and real group ID, use of and (see setresuid(2)) is recommended instead. AUTHOR
was developed by AT&T, the University of California, Berkeley, and HP. was developed by AT&T. SEE ALSO
exec(2), getuid(2), setresuid(2), privileges(5). STANDARDS CONFORMANCE
setuid(2)