Hi,
I have been looking at setuid and setgid.
I understand that setuid determines who owns the file and setgid determines which group of people can access the file... yeah?!
But i need to know how to actually use setuid and setgid. I'm guessing chmod will feature somewhere..
Any help... (1 Reply)
Hello,
I am new to db2 SQL in unix so bear with me while I try to explain the situation. I have a text file that has the contents of the where condition that I am using for a db2 SQL in UNIX ksh.
Here is the snippet.
if ;
then
echo "Begin processing VALUEs"
... (1 Reply)
I have a setuid to root program that has now to be changed to setuid to oracle depending on who is running it. Oracle has only two groups, dba (primary) and osgrp1 (secondary). But running 'id' if oracle shows all the secondary groups belonging to root, and only dba or osgrp1 as the primary group... (2 Replies)
hello everybody!
I want to create a file with permissions for read, write, and execute to everybody using C, so I write this code:
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
int main(){
int fileDescriptor;
fileDescriptor =... (2 Replies)
hi..
why we go for setuid, setgid permissions?
as a system admin ,when we use this ,except default solaris setuid,setgid files and dirs..
hopes that anyone can help me regarding this.. (1 Reply)
While I was looking for tips for hardening the security of my MAC OSX I found the following posting:
"<How to disable Setuid and Setgid Binaries >
Setuid programs run with the privileges of the file's owner
(which is often root), no matter which user executes them.
Bugs in these programs... (6 Replies)
Hi,
I'm new to this and very much interested to learn unix.
Can any one explain me the symbols y we use this is scripting(~ and $).
It would be great if some one explain with the eg.
Thanks
Naveen A (2 Replies)
so im writing a script for a android system. these types of systems are not the typical unix systems.
what i need to do is basic. i have a script which I put in a directory and then zipped up the directory in a zip file. that way, when the script is unzipped, the person unzipping will see... (1 Reply)
Discussion started by: SkySmart
1 Replies
LEARN ABOUT MOJAVE
setgid32
SETGID(2) Linux Programmer's Manual SETGID(2)NAME
setgid - set group identity
SYNOPSIS
#include <sys/types.h>
#include <unistd.h>
int setgid(gid_t gid);
DESCRIPTION
setgid() sets the effective group ID of the calling process. If the calling process is privileged (has the CAP_SETGID capability in its
user namespace), the real GID and saved set-group-ID are also set.
Under Linux, setgid() is implemented like the POSIX version with the _POSIX_SAVED_IDS feature. This allows a set-group-ID program that is
not set-user-ID-root to drop all of its group privileges, do some un-privileged work, and then reengage the original effective group ID in
a secure manner.
RETURN VALUE
On success, zero is returned. On error, -1 is returned, and errno is set appropriately.
ERRORS
EINVAL The group ID specified in gid is not valid in this user namespace.
EPERM The calling process is not privileged (does not have the CAP_SETGID capability), and gid does not match the real group ID or saved
set-group-ID of the calling process.
CONFORMING TO
POSIX.1-2001, POSIX.1-2008, SVr4.
NOTES
The original Linux setgid() system call supported only 16-bit group IDs. Subsequently, Linux 2.4 added setgid32() supporting 32-bit IDs.
The glibc setgid() wrapper function transparently deals with the variation across kernel versions.
C library/kernel differences
At the kernel level, user IDs and group IDs are a per-thread attribute. However, POSIX requires that all threads in a process share the
same credentials. The NPTL threading implementation handles the POSIX requirements by providing wrapper functions for the various system
calls that change process UIDs and GIDs. These wrapper functions (including the one for setgid()) employ a signal-based technique to
ensure that when one thread changes credentials, all of the other threads in the process also change their credentials. For details, see
nptl(7).
SEE ALSO getgid(2), setegid(2), setregid(2), capabilities(7), credentials(7), user_namespaces(7)COLOPHON
This page is part of release 4.15 of the Linux man-pages project. A description of the project, information about reporting bugs, and the
latest version of this page, can be found at https://www.kernel.org/doc/man-pages/.
Linux 2017-09-15 SETGID(2)