1 .\" Copyright (C) 1995, Thomas K. Dyas <tdyas@eden.rutgers.edu>
3 .\" Permission is granted to make and distribute verbatim copies of this
4 .\" manual provided the copyright notice and this permission notice are
5 .\" preserved on all copies.
7 .\" Permission is granted to copy and distribute modified versions of this
8 .\" manual under the conditions for verbatim copying, provided that the
9 .\" entire resulting derived work is distributed under the terms of a
10 .\" permission notice identical to this one.
12 .\" Since the Linux kernel and libraries are constantly changing, this
13 .\" manual page may be incorrect or out-of-date. The author(s) assume no
14 .\" responsibility for errors or omissions, or for damages resulting from
15 .\" the use of the information contained herein. The author(s) may not
16 .\" have taken the same level of care in the production of this manual,
17 .\" which is licensed free of charge, as they might when working
20 .\" Formatted or processed versions of this manual, if unaccompanied by
21 .\" the source, must acknowledge the copyright and authors of this work.
23 .\" Created 1995-08-06 Thomas K. Dyas <tdyas@eden.rutgers.edu>
24 .\" Modified 2000-07-01 aeb
25 .\" Modified 2002-07-23 aeb
26 .\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com>
27 .\" Added notes on capability requirements
29 .\" Japanese Version Copyright (c) 1997 HANATAKA Shinya
30 .\" all rights reserved.
31 .\" Translated Sat Mar 1 00:55:10 JST 1997
32 .\" by HANATAKA Shinya <hanataka@abyss.rim.or.jp>
33 .\" Modified Mon Sep 23 21:15:17 JST 2000
34 .\" by HANATAKA Shinya <hanataka@abyss.rim.or.jp>
35 .\" Modified 2002-09-24 by Akihiro MOTOKI <amotoki@dd.iij4u.or.jp>
36 .\" Modified 2005-02-24, Akihiro MOTOKI <amotoki@dd.iij4u.or.jp>
39 .\"WORD: kernel ¥«¡¼¥Í¥ë
40 .\"WORD: file system ¥Õ¥¡¥¤¥ë¡¦¥·¥¹¥Æ¥à
41 .\"WORD: effective user ID ¼Â¸ú¥æ¡¼¥¶ID
42 .\"WORD: real user ID ¼Â¥æ¡¼¥¶ID
43 .\"WORD: signal ¥·¥°¥Ê¥ë
44 .\"WORD: security hole ¥»¥¥å¥ê¥Æ¥£¡¦¥Û¡¼¥ë
45 .\"WORD: saved set-user-ID Êݸ¥»¥Ã¥È¥æ¡¼¥¶ID
47 .TH SETFSUID 2 2008-12-05 "Linux" "Linux Programmer's Manual"
49 .\"O setfsuid \- set user identity used for file system checks
51 setfsuid \- ¥Õ¥¡¥¤¥ë¡¦¥·¥¹¥Æ¥à¤Î¥Á¥§¥Ã¥¯¤ËÍѤ¤¤é¤ì¤ë¥æ¡¼¥¶ ID ¤òÀßÄꤹ¤ë
54 .B #include <unistd.h>
55 /* glibc ¤Ç¤Ï <sys/fsuid.h> */
57 .BI "int setfsuid(uid_t " fsuid );
62 .\"O sets the user ID that the Linux kernel uses to check for all accesses
63 .\"O to the file system.
64 .\"O Normally, the value of
66 .\"O will shadow the value of the effective user ID.
67 .\"O In fact, whenever the
68 .\"O effective user ID is changed,
70 .\"O will also be changed to the new value of the effective user ID.
72 ¤Ï Linux ¥«¡¼¥Í¥ë¤¬¥Õ¥¡¥¤¥ë¡¦¥·¥¹¥Æ¥à¤ËÂФ¹¤ë
73 Á´¤Æ¤Î¥¢¥¯¥»¥¹¤Î¥Á¥§¥Ã¥¯¤Ë»ÈÍѤ¹¤ë¥æ¡¼¥¶ID ¤òÀßÄꤹ¤ë¡£Ä̾ï¤Ï
75 ¤ÎÃͤϼ¸ú (effective) ¥æ¡¼¥¶ID ¤ÈƱ¤¸¤Ë¤Ê¤ë¡£¼ÂºÝ¡¢
76 ¼Â¸ú¥æ¡¼¥¶ID ¤¬Êѹ¹¤µ¤ì¤ëÅÙ¤Ë
78 ¤â¤Þ¤¿¿·¤·¤¤¼Â¸ú¥æ¡¼¥¶ID ¤ÎÃͤËÊѹ¹¤µ¤ì¤ë¡£
80 .\"O Explicit calls to
84 .\"O are usually only used by programs such as the Linux NFS server that
85 .\"O need to change what user and group ID is used for file access without a
86 .\"O corresponding change in the real and effective user and group IDs.
87 .\"O A change in the normal user IDs for a program such as the NFS server
88 .\"O is a security hole that can expose it to unwanted signals.
94 ¤¬ÌÀ¼¨Åª¤Ë¸Æ¤Ó½Ð¤µ¤ì¤ë¤Î¤Ï¡¢Linux NFS ¥µ¡¼¥Ð¡¼ ¤Î¤è¤¦¤Ë¡¢
95 ¥Õ¥¡¥¤¥ë¡¦¥¢¥¯¥»¥¹¤ËÍѤ¤¤ë¥æ¡¼¥¶ID / ¥°¥ë¡¼¥×ID ¤òÊѹ¹¤·¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¤¬¡¢
96 Âбþ¤¹¤ë¼Â(real)/¼Â¸ú(effective) ¥æ¡¼¥¶ID / ¥°¥ë¡¼¥×ID ¤ÏÊѹ¹¤·¤¿¤¯¤Ê¤¤¤è¤¦¤Ê
97 ¥×¥í¥°¥é¥à¤Ë¸Â¤é¤ì¤ë¡£
98 NFS ¥µ¡¼¥Ð¡¼¤Î¤è¤¦¤Ê¥×¥í¥°¥é¥à¤Ç¡¢Ä̾ï¤Î¥æ¡¼¥¶ID ¤òÊѹ¹¤¹¤ë¤È¡¢
99 ¥×¥í¥»¥¹¤ò˾¤Þ¤Ê¤¤¥·¥°¥Ê¥ë¤Ë¤µ¤é¤¹²ÄǽÀ¤¬¤¢¤ê¡¢
100 ¥»¥¥å¥ê¥Æ¥£¡¦¥Û¡¼¥ë¤Ë¤Ê¤ë¡£(²¼µ»²¾È)
103 .\"O will only succeed if the caller is the superuser or if
105 .\"O matches either the real user ID, effective user ID, saved set-user-ID, or
106 .\"O the current value of
109 ¤Ï¡¢¥¹¡¼¥Ñ¡¼¡¦¥æ¡¼¥¶¤Ë¤è¤Ã¤Æ¸Æ¤Ó½Ð¤µ¤ì¤¿¾ì¹ç¤«¡¢
111 ¤¬¼Â¥æ¡¼¥¶ID¡¢¼Â¸ú¥æ¡¼¥¶ID¡¢
112 Êݸ¥»¥Ã¥È¥æ¡¼¥¶ID (saved set-user-ID)¡¢¸½ºß¤Î
114 ¤ÎÃͤΤ¤¤º¤ì¤«¤Ë°ìÃפ¹¤ë¾ì¹ç¤Ë¤Î¤ßÀ®¸ù¤¹¤ë¡£
115 .\"O .SH "RETURN VALUE"
117 .\"O On success, the previous value of
120 .\"O On error, the current value of
125 ¤Î°ÊÁ°¤ÎÃͤòÊÖ¤¹¡£¥¨¥é¡¼¤Î¾ì¹ç¤Ï
130 .\"O This system call is present in Linux since version 1.2.
131 ¤³¤Î¥·¥¹¥Æ¥à¥³¡¼¥ë¤Ï¥Ð¡¼¥¸¥ç¥ó 1.2 °Ê¹ß¤Î Linux ¤Ë¸ºß¤¹¤ë¡£
132 .\" This system call is present since Linux 1.1.44
133 .\" and in libc since libc 4.7.6.
134 .\"O .SH "CONFORMING TO"
137 .\"O is Linux-specific and should not be used in programs intended
140 ¤Ï Linux ÆÃͤǤ¢¤ê¡¢°Ü¿¢¤òÁÛÄꤷ¤¿¥×¥í¥°¥é¥à¤Ç»ÈÍѤ·¤Æ¤Ï¤¤¤±¤Ê¤¤¡£
143 .\"O When glibc determines that the argument is not a valid user ID,
144 .\"O it will return \-1 and set \fIerrno\fP to
146 .\"O without attempting
147 .\"O the system call.
148 glibc ¤¬°ú¤¿ô¤¬¥æ¡¼¥¶ID ¤È¤·¤ÆÉÔÀµ¤À¤ÈȽÃǤ·¤¿¾ì¹ç¤Ï¡¢
149 ¥·¥¹¥Æ¥à¡¦¥³¡¼¥ë¤ò¹Ô¤ï¤º \fIerrno\fP ¤Ë
151 ¤òÀßÄꤷ¤Æ \-1 ¤¬ÊÖ¤µ¤ì¤ë¡£
153 .\"O Note that at the time this system call was introduced, a process
154 .\"O could send a signal to a process with the same effective user ID.
155 .\"O Today signal permission handling is slightly different.
156 ¤³¤Î¥·¥¹¥Æ¥à¥³¡¼¥ë¤¬Æ³Æþ¤µ¤ì¤¿Åö»þ¡¢¥×¥í¥»¥¹¤Ï
157 Ʊ¤¸¼Â¸ú¥æ¡¼¥¶ID¤Î¥×¥í¥»¥¹¤Ø¥·¥°¥Ê¥ë¤òÁ÷¤ë¤³¤È¤¬¤Ç¤¤¿¡£
158 º£Æü¤Ç¤Ï¡¢¥·¥°¥Ê¥ëÁ÷¿®¸¢¸Â¤Î°·¤¤¤Ï¤«¤Ê¤ê°ã¤¦¤â¤Î¤Ë¤Ê¤Ã¤Æ¤¤¤ë¡£
161 .\"O No error messages of any kind are returned to the caller.
165 .\"O should be returned when the call fails (because the caller lacks the
168 ¤¤¤«¤Ê¤ë¼ïÎà¤Î¥¨¥é¡¼¡¦¥á¥Ã¥»¡¼¥¸¤â¸Æ¤Ó½Ð¤·¸µ¤ËÊÖ¤µ¤Ê¤¤¡£
169 ¼ºÇÔ¤·¤¿¾ì¹ç¤Ï (¸Æ¤Ó½Ð¤·¸µ¤Ë¤Ï
171 ¥±¡¼¥Ñ¥Ó¥ê¥Æ¥£¤¬¤Ê¤«¤Ã¤¿¤Î¤À¤«¤é) ºÇÄã¤Ç¤â
173 ¤¯¤é¤¤¤ÏÊÖ¤¹¤Ù¤¤Ç¤¢¤ë¡£
178 .BR capabilities (7),