Rechercher une page de manuel

Chercher une autre page de manuel:


Langue: en

Version: 265451 (debian - 07/07/09)

Autres sections - même nom

Section: 1 (Commandes utilisateur)


setuid - run a command with a different uid.


setuid username|uid   command [ args ]


Setuid changes user id, then executes the specified command. Unlike some versions of su(1), this program doesn't ever ask for a password when executed with effective uid=root. This program doesn't change the environment; it only changes the uid and then uses execvp() to find the command in the path, and execute it. (If the command is a script, execvp() passes the command name to /bin/sh for processing.)

For example,

setuid some_user $SHELL
can be used to start a shell running as another user.

Setuid is useful inside scripts that are being run by a setuid-root user --- such as a script invoked with super, so that the script can execute some commands using the uid of the original user, instead of root. This allows unsafe commands (such as editors and pagers) to be used in a non-root mode inside a super script. For example, an operator with permission to modify a certain protected_file could use a super command that simply does:

 cp protected_file temp_file
 setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
 cp temp_file protected_file
(Note: don't use this example directly. If the temp_file can somehow be replaced by another user, as might be the case if it's kept in a temporary directory, there will be a race condition in the time between editing the temporary file and copying it back to the protected file.)


Will Deich
Les vices entrent dans la composition des vertus comme les poisons
entrent dans la composition des remèdes. La prudence les assemble et
les tempère, et elle s'en sert utilement contre les maux de la vie.
-+- François de La Rochefoucauld (1613-1680), Maximes 182 -+-