HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
PROLOG |NAME |SYNOPSIS |DESCRIPTION |RETURN VALUE |ERRORS |EXAMPLES |APPLICATION USAGE |RATIONALE |FUTURE DIRECTIONS |SEE ALSO |COPYRIGHT | |
SETREGID(3P) POSIX Programmer's ManualSETREGID(3P)This manual page is part of the POSIX Programmer's Manual. The Linux implementation of this interface may differ (consult the corresponding Linux manual page for details of Linux behavior), or the interface may not be implemented on Linux.
setregid — set real and effective group IDs
#include <unistd.h> int setregid(gid_trgid, gid_tegid);
Thesetregid() function shall set the real and effective group IDs of the calling process. Ifrgid is -1, the real group ID shall not be changed; ifegid is -1, the effective group ID shall not be changed. The real and effective group IDs may be set to different values in the same call. Only a process with appropriate privileges can set the real group ID and the effective group ID to any valid value. A non-privileged process can set either the real group ID to the saved set-group-ID from one of theexec family of functions, or the effective group ID to the saved set-group-ID or the real group ID. If the real group ID is being set (rgid is not -1), or the effective group ID is being set to a value not equal to the real group ID, then the saved set-group-ID of the current process shall be set equal to the new effective group ID. Any supplementary group IDs of the calling process remain unchanged.
Upon successful completion, 0 shall be returned. Otherwise, -1 shall be returned anderrno set to indicate the error, and neither of the group IDs are changed.
Thesetregid() function shall fail if:EINVALThe value of thergid oregid argument is invalid or out- of-range.EPERMThe process does not have appropriate privileges and a change other than changing the real group ID to the saved set-group-ID, or changing the effective group ID to the real group ID or the saved set-group-ID, was requested.The following sections are informative.
None.
If a non-privileged set-group-ID process sets its effective group ID to its real group ID, it can only set its effective group ID back to the previous value ifrgid was -1 in thesetregid() call, since the saved-group-ID is not changed in that case. Ifrgid was equal to the real group ID in thesetregid() call, then the saved set-group-ID will also have been changed to the real user ID.
Earlier versions of this standard did not specify whether the saved set-group-ID was affected bysetregid() calls. This version specifies common existing practice that constitutes an important security feature. The ability to set both the effective group ID and saved set-group-ID to be the same as the real group ID means that any security weakness in code that is executed after that point cannot result in malicious code being executed with the previous effective group ID. Privileged applications could already do this using justsetgid(), but for non-privileged applications the only standard method available is to use this feature ofsetregid().
None.
exec(1p),getegid(3p),geteuid(3p),getgid(3p),getuid(3p),setegid(3p),seteuid(3p),setgid(3p),setreuid(3p),setuid(3p) The Base Definitions volume of POSIX.1‐2017,unistd.h(0p)
Portions of this text are reprinted and reproduced in electronic form from IEEE Std 1003.1-2017, Standard for Information Technology -- Portable Operating System Interface (POSIX), The Open Group Base Specifications Issue 7, 2018 Edition, Copyright (C) 2018 by the Institute of Electrical and Electronics Engineers, Inc and The Open Group. In the event of any discrepancy between this version and the original IEEE and The Open Group Standard, the original IEEE and The Open Group Standard is the referee document. The original Standard can be obtained online athttp://www.opengroup.org/unix/online.html . Any typographical or formatting errors that appear in this page are most likely to have been introduced during the conversion of the source files to man page format. To report such errors, seehttps://www.kernel.org/doc/man-pages/reporting_bugs.html .IEEE/The Open Group 2017SETREGID(3P)Pages that refer to this page:unistd.h(0p), getegid(3p), geteuid(3p), getgid(3p), getuid(3p), setegid(3p), seteuid(3p), setgid(3p), setreuid(3p), setuid(3p)
HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |