setuid vs seteuid function

ぃ、小莉子 提交于 2020-01-03 11:45:24

问题


What is the difference between setuid and seteuid function. In man page both of the function have similar description.

setuid:

DESCRIPTION

   setuid()  sets  the  effective user ID of the calling process.  If the effective UID of the caller is root, the real UID and saved
   set-user-ID are also set.

seteuid:

DESCRIPTION

   seteuid()  sets  the  effective user ID of the calling process.  Unprivileged user processes may only set the effective user ID to
   the real user ID, the effective user ID or the saved set-user-ID.

In both of the description contains sets the effective user ID of the calling process. So what is the difference between these two and how the functionality differs between these functions.

And One more doubt is, using chmod(chmod u+s ) only we can set the set user id permission to the file. Then only during runtime of the program, the process have permission who is set to set user id. Apart from these how these functions set the effective userid to the process.


回答1:


From the man page:

   Thus, a set-user-ID-root program wishing to temporarily drop root
   privileges, assume the identity of an unprivileged user, and then
   regain root privileges afterward cannot use setuid().  You can
   accomplish this with seteuid(2).



回答2:


In answer to the question "why use seteuid()": some system applications use seteuid() so that they can attempt to execute instructions with the privileges of the "effective" user. This allows a programming running as root to ensure that, for example, any files it creates are created using the effective user id and not the root id.

Perhaps the most notable application is the Unix "cron" system which has to run as user "root" but has the responsibility of executing arbitrary commands as arbitrary users.



来源:https://stackoverflow.com/questions/33076543/setuid-vs-seteuid-function

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!