setfsgid¶
Intro¶
setfsgid - This system call changes the Effective Group ID of the calling process to the group ID passed in.
Description¶
The setfsgid() system call sets the Effective Group ID of the calling process to the group ID passed in. no permission checks are performed. This means that setfsgid() is allowed to set the Effective Group ID to values which are not permitted for the real user ID or for the saved set-user-ID.
setfsgid() is allowed in environments where the user is not privileged (Does not have the CAP_SETGID capability). It is typically used by programs that change their group ID in order to access group-restricted files, but do not want to permanently drop all group privileges.
The setfsgid() system call is the non-privileged version of the setegid() system call (which sets the Effective Group ID of a process). The setfsgid() system call also changes the File System Group ID (FSGID) of the calling process. The FSGID is used as the group for new files created by the calling process; it is also used for determining file access for non-numeric user ID or group ID permissions.
Arguments¶
fsgid:gid_t- The group ID to set the Effective Group ID and the File System Group ID to.
Hooks¶
SYS_setfsgid¶
Type¶
Kprobe
Purpose¶
This function is hooked to capture when the setfsgid syscall is called and log the arguments passed in.
Example Use Case¶
The setfsgid() system call can be used by applications that want to change their group ID temporarily in order to access group-restricted files, but do not want to permanently drop all group privileges.
Issues¶
None.
Related Events¶
- setgid
- getgid
This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.