Skip to content

setfsgid

Intro

setfsgid - set the filesystem group ID.

Description

The setfsgid() system call allows a process to alter its filesystem group ID.

This ID is utilized primarily for determining file access permissions during a system call. While the filesystem GID is usually identical to the effective GID of a process, they can differ under specific circumstances.

setfsgid() provides a mechanism for a process to adjust its identity temporarily when accessing filesystem resources without altering its effective GID. This capability facilitates a more detailed level of access control for the filesystem, particularly beneficial for applications that handle files on behalf of multiple users.

Arguments

  • fsgid:gid_t[K] - The new filesystem group ID to be set.

Available Tags

  • K - Originated from kernel-space.
  • U - Originated from user space.
  • TOCTOU - Vulnerable to TOCTOU (time of check, time of use).
  • OPT - Optional argument - might not always be available (passed with null value).

Hooks

sys_setfsgid

Type

Tracepoint (through sys_enter).

Purpose

To monitor and record instances when the setfsgid() system call is executed, capturing specifics about the new filesystem group ID being assigned.

Example Use Case

Observing alterations in filesystem GIDs is essential for overseeing file access patterns, ensuring that processes aren't modifying file permissions in unexpected ways or accessing files beyond their designated privileges.

Issues

Misuse of the setfsgid() system call or vulnerabilities in software utilizing it can lead to potential security issues, resulting in unauthorized group access or inadvertent permission changes.

  • setfsuid() - Set the filesystem user ID.
  • setgid() - Set the effective group ID.
  • setegid() - Set effective group ID.

This document was automatically generated by OpenAI and reviewed by a Human.