setfsgid16¶

Intro¶

setfsgid16 - set the effective group id for the current thread

Description¶

The setfsgid16() call sets the effective group ID for the current thread to fsgid. It is analogous to setegid(), but can only be used to set the effective group ID of the calling process to one of the real, effective, or saved GIDs.

setfsgid16() is intended for use only in systems with an 16-bit GID type. On Linux and other systems with a 32-bit GID type, the setfsgid() wrapper function is provided using the new setfsgid32() system call.

Arguments¶

fsgid:old_gid_t[U, OPT] - the new group id for the current thread.

Available Tags¶

K - Originated from kernel-space.
U - Originated from user space (for example, pointer to user space memory used to get it)
TOCTOU - Vulnerable to TOCTOU (time of check, time of use)
OPT - Optional argument - might not always be available (passed with null value)

Hooks¶

sys_setfsgid16¶

Type¶

Tracepoints

Purpose¶

To monitor attempts to change the effective group ID of the current thread.

Example Use Case¶

A user space application could use setfsgid16() to change its effective GID after verifying its permission to do so.

Issues¶

None known.

setegid(), setfsgid32()

This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.