Note about Saved set-user/group-ID #3

New issue

Open

opened 2026-02-08 20:23:25 +01:00 by xdelatour · 0 comments

xdelatour commented

2026-02-08 20:23:25 +01:00

Owner

Saved set-user-ID and saved set-group-ID. These IDs are used
in set-user-ID and set-group-ID programs to save a copy of the
corresponding effective IDs that were set when the program was
executed (see execve(2)). A set-user-ID program can assume and
drop privileges by switching its effective user ID back and
forth between the values in its real user ID and saved set-
user-ID. This switching is done via calls to seteuid(2),
setreuid(2), or setresuid(2). A set-group-ID program performs
the analogous tasks using setegid(2), setregid(2), or
setresgid(2). A process can obtain its saved set-user-ID (set-
group-ID) using getresuid(2) (getresgid(2)).

https://man7.org/linux/man-pages/man7/credentials.7.html

Saved set-user-ID and saved set-group-ID. These IDs are used in set-user-ID and set-group-ID programs to save a copy of the corresponding effective IDs that were set when the program was executed (see execve(2)). A set-user-ID program can assume and drop privileges by switching its effective user ID back and forth between the values in its real user ID and saved set- user-ID. This switching is done via calls to seteuid(2), setreuid(2), or setresuid(2). A set-group-ID program performs the analogous tasks using setegid(2), setregid(2), or setresgid(2). A process can obtain its saved set-user-ID (set- group-ID) using getresuid(2) (getresgid(2)). https://man7.org/linux/man-pages/man7/credentials.7.html