.\" Modified, 27 May 2004, Michael Kerrisk <mtk.manpages@gmail.com>
.\" Added notes on capability requirements
.\"
-.TH SETEUID 2 2012-07-02 "Linux" "Linux Programmer's Manual"
+.TH SETEUID 2 2014-09-21 "Linux" "Linux Programmer's Manual"
.SH NAME
seteuid, setegid \- set effective user or group ID
.SH SYNOPSIS
On error, \-1 is returned, and
.I errno
is set appropriately.
+
+.IR Note :
+there are cases where
+.BR seteuid ()
+can fail even when the caller is UID 0;
+it is a grave security error to omit checking for a failure return from
+.BR seteuid ().
.SH ERRORS
-.\" .TP
-.\" .B EINVAL
+.TP
+.B EINVAL
+The target user or group ID is not valid in this user namespace.
.TP
.B EPERM
The calling process is not privileged (Linux: does not have the
On an arbitrary system one should check
.BR _POSIX_SAVED_IDS .
.LP
-Under libc4, libc5 and glibc 2.0
+Under glibc 2.0
.BI seteuid( euid )
is equivalent to
.BI setreuid(\-1, " euid" )
.RI ( egid )
to be the same value as the current effective user (group) ID,
and some implementations do not permit this.
+.SS C library/kernel ABI differences
+On Linux,
+.BR seteuid ()
+and
+.BR setegid ()
+are implemented as library functions that call, respectively,
+.BR setreuid (2)
+and
+.BR setresgid (2).
.SH SEE ALSO
.BR geteuid (2),
.BR setresuid (2),
.BR setreuid (2),
.BR setuid (2),
.BR capabilities (7),
-.BR credentials (7)
+.BR credentials (7),
+.BR user_namespaces (7)
.SH COLOPHON
-This page is part of release 3.68 of the Linux
+This page is part of release 3.75 of the Linux
.I man-pages
project.
A description of the project,