From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <noloader@gmail.com>
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com
 [IPv6:2607:f8b0:4864:20::d31])
 by sourceware.org (Postfix) with ESMTPS id 409ED386101F
 for <libc-help@sourceware.org>; Wed,  3 Feb 2021 01:49:17 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 409ED386101F
Received: by mail-io1-xd31.google.com with SMTP id f6so3387153ioz.5
 for <libc-help@sourceware.org>; Tue, 02 Feb 2021 17:49:17 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:reply-to
 :from:date:message-id:subject:to;
 bh=uVg4MK5SGZ29IX0hjKy1M/BeNgTPHOrln63hXBpsMJs=;
 b=fz+4nTqwSnbe79JITDJz+fqiqLmy0LD9c/bfC0gRorOPvFvZhFkoPdJjTmPCvSIAvE
 /ubS/avUz+9xwnT8T8RLZ4364EjL80Y3bwNth2F6vqp/qLwYIzgA9FqtpMJRsGkN23La
 bzA/RqkB4grPNRmFpHhDU/lzsYgannYEYEnTiLRegSmpvnCIvUC4hbcEYZGjxUaadDRA
 C1L2MzJW3H6fE2BGRyU/GIKbdRhhvnoqRETOnQg8+u5JxrmT55uQmeK8MdvPzfyJB3qu
 kj6Bs+oXbEx9Yco0mlSW1KSP4rer9rMjILEkOFdcRS5Nq/cv4Wf1+L1wpNYw0r9FtW1O
 1iUA==
X-Gm-Message-State: AOAM530+ndCRp/jbXw+8hzpp77IExg1Hfw6E+ilqoleVTxS4HndIdvGc
 EuIWx8soGMwdkihEfGQ7KKNwB3TNG+BSqCeblVYIiu2yvMY=
X-Google-Smtp-Source: ABdhPJzHw4y5jvNxGPaqCSYcw9lnOwx5PGSGl8VZ6kQUloobo4wBk4mzDRsz3SVgJJdSmlSxSFzdbzdAmYzEmE1h4+A=
X-Received: by 2002:a5d:9f15:: with SMTP id q21mr684820iot.132.1612316956631; 
 Tue, 02 Feb 2021 17:49:16 -0800 (PST)
MIME-Version: 1.0
References: <CABrM6wkBrkz1DiyBWAqK=Nqj8e3=bs=NurR-eK7RF4Y6Ob_idA@mail.gmail.com>
In-Reply-To: <CABrM6wkBrkz1DiyBWAqK=Nqj8e3=bs=NurR-eK7RF4Y6Ob_idA@mail.gmail.com>
Reply-To: noloader@gmail.com
From: Jeffrey Walton <noloader@gmail.com>
Date: Tue, 2 Feb 2021 20:49:05 -0500
Message-ID: <CAH8yC8=5hAqxk55TOo0M8_vp0viR0uVd6_YevfZWejDc1EWeoQ@mail.gmail.com>
Subject: Re: definitions of uid and euid
To: libc-help <libc-help@sourceware.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,
 SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-BeenThere: libc-help@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Libc-help mailing list <libc-help.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/libc-help>,
 <mailto:libc-help-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/libc-help/>
List-Help: <mailto:libc-help-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-help>,
 <mailto:libc-help-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Feb 2021 01:49:18 -0000

On Tue, Feb 2, 2021 at 12:22 PM Peng Yu via Libc-help
<libc-help@sourceware.org> wrote:
>
> `man getuid` says the following without explaining what real user ID
> and effective user ID are.
>
> - getuid() returns the real user ID of the calling process.
> - geteuid() returns the effective user ID of the calling process.
>
> Could anybody explain the definitions of uid and euid, and provide a
> minimum working example demonstrating when they are different? Thanks.

Also see Chen, Wagner and Dean's
https://www.usenix.org/conference/11th-usenix-security-symposium/setuid-demystified:

   Access control in Unix systems is mainly based on
   user IDs, yet the system calls that modify user IDs
   (uid-setting system calls), such as setuid, are poorly
   designed, insufficiently documented, and widely
   misunderstood and misused. This has caused many
   security vulnerabilities in application programs.
   ...

Jeff