问题
What is the difference between setuid and seteuid function. In man page both of the function have similar description.
setuid:
DESCRIPTION
setuid() sets the effective user ID of the calling process. If the effective UID of the caller is root, the real UID and saved
set-user-ID are also set.
seteuid:
DESCRIPTION
seteuid() sets the effective user ID of the calling process. Unprivileged user processes may only set the effective user ID to
the real user ID, the effective user ID or the saved set-user-ID.
In both of the description contains sets the effective user ID of the calling process
. So what is the difference between
these two and how the functionality differs between these functions.
And One more doubt is, using chmod(chmod u+s ) only we can set the set user id permission to the file. Then only during runtime of the program, the process have permission who is set to set user id. Apart from these how these functions set the effective userid to the process.
回答1:
From the man page:
Thus, a set-user-ID-root program wishing to temporarily drop root
privileges, assume the identity of an unprivileged user, and then
regain root privileges afterward cannot use setuid(). You can
accomplish this with seteuid(2).
回答2:
In answer to the question "why use seteuid()": some system applications use seteuid() so that they can attempt to execute instructions with the privileges of the "effective" user. This allows a programming running as root to ensure that, for example, any files it creates are created using the effective user id and not the root id.
Perhaps the most notable application is the Unix "cron" system which has to run as user "root" but has the responsibility of executing arbitrary commands as arbitrary users.
来源:https://stackoverflow.com/questions/33076543/setuid-vs-seteuid-function