FreeBSD Manual Pages
SETUID(1) General Commands Manual SETUID(1) NAME setuid - run a command with a different uid. SYNOPSIS setuid username|uid command [ args ] DESCRIPTION Setuid changes user id, then executes the specified command. Unlike some versions of su(1), this program doesn't ever ask for a password when executed with effective uid=root. This program doesn't change the environment; it only changes the uid and then uses execvp() to find the command in the path, and execute it. (If the command is a script, ex- ecvp() passes the command name to /bin/sh for processing.) For example, setuid some_user $SHELL can be used to start a shell running as another user. Setuid is useful inside scripts that are being run by a setuid-root user -- such as a script invoked with super, so that the script can ex- ecute some commands using the uid of the original user, instead of root. This allows unsafe commands (such as editors and pagers) to be used in a non-root mode inside a super script. For example, an opera- tor with permission to modify a certain protected_file could use a su- per command that simply does: cp protected_file temp_file setuid $ORIG_USER ${EDITOR:-/bin/vi} temp_file cp temp_file protected_file (Note: don't use this example directly. If the temp_file can somehow be replaced by another user, as might be the case if it's kept in a temporary directory, there will be a race condition in the time between editing the temporary file and copying it back to the protected file.) AUTHOR Will Deich local SETUID(1)
NAME | SYNOPSIS | DESCRIPTION | AUTHOR
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=setuid&sektion=1&manpath=FreeBSD+13.1-RELEASE+and+Ports>