setuid

SETUID(1)                    General Commands Manual                   SETUID(1)



NAME
       setuid - run a command with a different uid.

SYNOPSIS
       setuid username|uid   command [ args ]

DESCRIPTION
       Setuid changes user id, then executes the specified command.  Unlike some
       versions of su(1), this program doesn't ever ask for a password when
       executed with effective uid=root.  This program doesn't change the
       environment; it only changes the uid and then uses execvp() to find the
       command in the path, and execute it.  (If the command is a script,
       execvp() passes the command name to /bin/sh for processing.)

       For example,
              setuid  some_user  $SHELL
       can be used to start a shell running as another user.

       Setuid is useful inside scripts that are being run by a setuid-root user
       — such as a script invoked with super, so that the script can execute
       some commands using the uid of the original user, instead of root.  This
       allows unsafe commands (such as editors and pagers) to be used in a non-
       root mode inside a super script.  For example, an operator with
       permission to modify a certain protected_file could use a super command
       that simply does:
              cp protected_file temp_file
              setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file
              cp temp_file protected_file
       (Note: don't use this example directly.  If the temp_file can somehow be
       replaced by another user, as might be the case if it's kept in a
       temporary directory, there will be a race condition in the time between
       editing the temporary file and copying it back to the protected file.)

AUTHOR
       Will Deich



                                      local                            SETUID(1)