setresgid

Intro

setresgid - set real, effective, and saved group IDs.

Description

The setresgid() system call allows a process to modify its real group ID, effective group ID, and saved set-group-ID simultaneously.

The real group ID identifies the primary group of the user that started the process. The effective group ID determines the process's group-based permissions. The saved set-group-ID stores a copy of the effective group ID, so that a process that temporarily relinquishes its group privileges can restore them later.

This system call gives processes that need to switch group privileges for specific tasks a flexible and safe way to do so and then return to their original group privileges.

Arguments

  • rgid:gid_t[K] - The real group ID to be set. If this value is -1, the real GID remains unchanged.
  • egid:gid_t[K] - The effective group ID to be set. If this value is -1, the effective GID remains unchanged.
  • sgid:gid_t[K] - The saved set-group-ID to be set. If this value is -1, it remains unchanged.
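The temporary drop and later revert described above, using -1 to leave an ID unchanged, shown as an added example that is not part of the original documentation. The helper names (`drop_group_temporarily`, `restore_group`, `drop_group_permanently`, `gids_are`, `KEEP`) are assumptions made for illustration; each step is verified with getresgid() rather than trusting the return code alone.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE              /* setresgid()/getresgid() are GNU extensions */
#endif
#include <sys/types.h>
#include <unistd.h>
/* Explicit prototypes so the block builds even if _GNU_SOURCE took effect too late. */
int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);
int setresgid(gid_t rgid, gid_t egid, gid_t sgid);
#define KEEP ((gid_t)-1)         /* -1 leaves that ID unchanged */

/* Return 0 only if the process's group IDs are exactly (r, e, s). */
static int gids_are(gid_t r, gid_t e, gid_t s) {
    gid_t cr, ce, cs;
    if (getresgid(&cr, &ce, &cs) != 0) return -1;
    return (cr == r && ce == e && cs == s) ? 0 : -1;
}

/* Temporary drop: effective := real; the saved ID keeps the privileged GID. */
int drop_group_temporarily(void) {
    gid_t r, e, s;
    if (getresgid(&r, &e, &s) != 0) return -1;
    if (setresgid(KEEP, r, KEEP) != 0) return -1;
    return gids_are(r, r, s);
}

/* Revert: effective := saved set-group-ID. */
int restore_group(void) {
    gid_t r, e, s;
    if (getresgid(&r, &e, &s) != 0) return -1;
    if (setresgid(KEEP, s, KEEP) != 0) return -1;
    return gids_are(r, s, s);
}

/* Permanent drop: all three := real, so nothing remains to revert to. */
int drop_group_permanently(void) {
    gid_t r, e, s;
    if (getresgid(&r, &e, &s) != 0) return -1;
    if (setresgid(r, r, r) != 0) return -1;
    if (gids_are(r, r, r) != 0) return -1;
    /* An unprivileged process must now be unable to regain the old GID. */
    if (e != r && geteuid() != 0 && setresgid(KEEP, e, KEEP) == 0) return -1;
    return 0;
}

int main(void) {
    int t = drop_group_temporarily();
    int b = restore_group();
    int p = drop_group_permanently();
    return (t || b || p) ? 1 : 0;
}
```

The regain check in `drop_group_permanently` is skipped for a root process, because a process with CAP_SETGID can set any group ID regardless of its saved set-group-ID.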

Available Tags

  • K - Originated from kernel-space.
  • U - Originated from user space.
  • TOCTOU - Vulnerable to TOCTOU (time of check, time of use).
  • OPT - Optional argument - might not always be available (passed with null value).

Hooks

sys_setresgid

Type

Tracepoint (through sys_enter).

Purpose

To record each call to setresgid(), capturing the changes made to the real, effective, and saved group IDs.

Example Use Case

In security-sensitive environments, observing transitions between group IDs is crucial. Tracking these changes can aid in detecting possible unauthorized group privilege escalations or processes that switch their group privileges for particular operations.

Issues

Misuse of the setresgid() system call, or vulnerabilities in applications that use it, can be exploited, resulting in unauthorized group access or other security implications.

Related Events

  • setgid() - Set the effective group ID.
  • setregid() - Set real and effective group IDs.
  • setegid() - Set effective group ID.

This document was automatically generated by OpenAI and reviewed by a Human.