SETUID(1)                                                     General Commands Manual                                                    SETUID(1)

NAME

       setuid - run a command with a different uid.

SYNOPSIS

       setuid username|uid   command [ args ]

DESCRIPTION

       Setuid  changes  user id, then executes the specified command.  Unlike some versions of su(1), this program doesn't ever ask for a password
       when executed with effective uid=root.  This program doesn't change the environment; it only changes the uid and then uses execvp() to find
       the command in the path, and execute it.  (If the command is a script, execvp() passes the command name to /bin/sh for processing.)

       For example,
              setuid  some_user  $SHELL
       can be used to start a shell running as another user.

       Setuid  is  useful  inside  scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can
       execute some commands using the uid of the original user, instead of root.  This allows unsafe commands (such as editors and pagers) to  be
       used  in  a  non-root  mode inside a super script.  For example, an operator with permission to modify a certain protected_file could use a
       super command that simply does:
              cp protected_file temp_file
              setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
              cp temp_file protected_file
       (Note: don't use this example directly.  If the temp_file can somehow be replaced by another user, as might be the case if it's kept  in  a
       temporary  directory,  there  will  be a race condition in the time between editing the temporary file and copying it back to the protected
       file.)

AUTHOR

       Will Deich

                                                                       local                                                             SETUID(1)