Skip to content

setresuid

Intro

setresuid - set real, effective, and saved user IDs.

Description

The setresuid() system call provides a process with the capability to set its real user ID, effective user ID, and saved set-user-ID.

While the real user ID and effective user ID represent the identity of the process and the identity used for evaluating privileges, respectively, the saved set-user-ID is stored to remember the effective user ID, particularly when a process drops its privileges temporarily and wishes to restore them later.

This mechanism is especially useful for ensuring security and flexibility in scenarios where processes need to alter their privileges for a short duration and revert to their original privileges subsequently.

Arguments

  • ruid:uid_t[K] - The real user ID to be set. A value of -1 indicates no change.
  • euid:uid_t[K] - The effective user ID to be set. A value of -1 indicates no change.
  • suid:uid_t[K] - The saved set-user-ID to be set. A value of -1 indicates no change.

Available Tags

  • K - Originated from kernel-space.
  • U - Originated from user space.
  • TOCTOU - Vulnerable to TOCTOU (time of check, time of use).
  • OPT - Optional argument - might not always be available (passed with null value).

Hooks

sys_setresuid

Type

Tracepoint (through sys_enter).

Purpose

To observe and trace the invocation of the setresuid() system call, capturing details about the modifications to the real, effective, and saved user IDs.

Example Use Case

It's essential to monitor transitions between user IDs in secure environments. Observing such changes can help in identifying potential privilege escalation attempts or processes that toggle their privileges for specific operations.

Issues

If mishandled or if applications using setresuid() have vulnerabilities, they might be exploited to gain unauthorized privileges, leading to security breaches.

  • setuid() - Set the effective user ID.
  • setreuid() - Set real and effective user IDs.
  • seteuid() - Set effective user ID.

This document was automatically generated by OpenAI and reviewed by a Human.