PTHREAD_SETUGID_NP(2) | System Calls Manual | PTHREAD_SETUGID_NP(2) |
pthread_setugid_np
—
Set the per-thread userid and single groupid.
#include
<sys/types.h>
#include <sys/unistd.h>
int
pthread_setugid_np
(uid_t
uid, gid_t gid);
pthread_setugid_np
()
changes the current thread's effective, real, and saved userid and groupid
to the requested userid and groupid ( uid and
gid , respectively) and clears all other groupids.
uid can be the current real userid, KAUTH_UID_NONE, or, if the caller is privileged, any userid. gid can be the current real groupid or, if the caller is priviledged, any single groupid.
Setting uid to KAUTH_UID_NONE means to "revert to the per process credential".
Temporarily restoring root privileges for a non-privileged process is only possible on a per-process basis and not a per-thread basis.
pthread_setugid_np
() is not intended as a
privilege escalation mechanism.
Do not use pthread_setugid_np.2
() in a
security sensitive situation.
Upon successful completion, a value of 0 is returned. Otherwise, -1 is returned and the global variable errno is set to indicate the error.
pthread_setugid_np
() fails if one or more
of the following are true:
October 1, 2008 | Mac OS X 12 |