Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Difference between setuid and seteuid function

Tags:

c

linux

unix

Program 1: Example with setuid()

    #include<stdio.h>
    #include<sys/types.h>
    #include<unistd.h>
    void main()
    {
        printf("Real user id = %d, Effective User id = %d\n",getuid(),geteuid());
        setuid(1000);
        printf("Real user id = %d, Effective User id = %d\n",getuid(),geteuid());
        setuid(1014);
        printf("Real user id = %d, Effective User id = %d\n",getuid(),geteuid());
    }

Output:

    guest $ ./a.out 
    Real user id = 1000, Effective User id = 1014
    Real user id = 1000, Effective User id = 1000
    Real user id = 1000, Effective User id = 1014
    guest $

Program 2: Example with seteuid()

    #include<stdio.h>
    #include<sys/types.h>
    #include<unistd.h>
    void main()
    {
        printf("Real user id = %d, Effective User id = %d\n",getuid(),geteuid());
        seteuid(1000);
        printf("Real user id = %d, Effective User id = %d\n",getuid(),geteuid());
        seteuid(1014);
        printf("Real user id = %d, Effective User id = %d\n",getuid(),geteuid());
    }

Output:

    guest $ ./a.out 
    Real user id = 1000, Effective User id = 1014
    Real user id = 1000, Effective User id = 1000
    Real user id = 1000, Effective User id = 1014
    guest $

Both programs give the same output. So, what is the difference between these two functions? As per the reference (man page), both functions are used to set the effective user ID of the process. Where does the functionality differ between these two programs?

like image 364
mohangraj Avatar asked Oct 12 '15 09:10

mohangraj

1 Answers

The documentation is pretty clear about the difference:

If the user is root or the program is set-user-ID-root, special care must be taken. The setuid() function checks the effective user ID of the caller and if it is the superuser, all process-related user ID's are set to uid. After this has occurred, it is impossible for the program to regain root privileges.

Thus, a set-user-ID-root program wishing to temporarily drop root privileges, assume the identity of an unprivileged user, and then regain root privileges afterward cannot use setuid(). You can accomplish this with seteuid.

like image 143
legends2k Avatar answered Oct 12 '22 23:10

legends2k
Sign in to Comment

Related questions

Declarators semantics in C99
Which versions of GCC, or flags, should I use when studying buffer overflows?
How and where is variable type information stored?
How to get rid of "call is the same expression as the source" warning in C?
Is it possible that JNI function return integer or boolean?
What are the minimum-width integer types useful for?
Why does my float print out as 0 even though I input 13.5 for it using scanf?
malloc() in Linux - "there is no guarantee that the memory really is available"?
Can I assume NULL value in comparison as the false?
Can C sort at compile time?
How do I declare a function that returns a pointer to a function that returns a function pointer without using a typedef in C?
Writing struct + write(buf) points to uninitialised byte(s)
Anonymous Union in Struct Initializer
Why do we need Value-Result arguments in socket programming? (Clarification required)
Pointer Array in C? [duplicate]
How to style a GtkLabel with CSS?
Are all threads halted when one of them receives a signal and none of them block it?
Why does llvm and gcc use different function prologs on x86 64?
C language macro code - #define with 2 '##'
Can we typecast buffer into C++ structure on client when server is sending data as c structure?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!