setregid16
Intro
setregid16 - Set real and effective group IDs in a 16-bit environment
Description
The setregid16() system call changes the real and effective group IDs of the calling process to rgid and egid, respectively. The argument rgid is taken as the new real group ID, and the argument egid is taken as the new effective group ID. If the effective UID of the process is 0 (root), then both arguments are taken as the real group ID and the saved group ID is set to egid. If the effective UID of the process is nonzero, then only rgid needs to be equal to the real group ID, and setregid16() sets the effective group ID to egid provided that it is equal to either the real group ID or the saved group ID.
Arguments
- rgid:old_gid_t[K] - Real group ID to be set.
- egid:old_gid_t[K] - Effective group ID to be set.
Available Tags
- K - Originated from kernel-space.
Hooks
sys_setregid16
Type
Kprobe
Purpose
Trace when the setregid16 system call is called.
Example Use Case
setregid16 is relevant in security contexts because it lets the current process change its real GID to a specific value, which matters when granting or revoking access to resources that could be guarded by specific capabilities.
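As an added example (not part of Tracee or of this page's original text), the sketch below reviews setregid16 events and reports requests for a watched GID. The JSON field names (eventName, processName, processId, args) are assumed to follow Tracee's JSON output, the sample lines are constructed, and 65535 is treated as "leave unchanged" because the kernel's 16-bit wrappers widen (old_gid_t)-1 to (gid_t)-1.

```python
import json

NO_CHANGE_16 = 0xFFFF  # (old_gid_t)-1, widened by the kernel to (gid_t)-1: "leave unchanged"

# Constructed sample events; the field names are an assumption about Tracee's JSON output.
SAMPLE_EVENTS = """\
{"eventName":"setregid16","processName":"legacy-daemon","processId":4121,"args":[{"name":"rgid","type":"old_gid_t","value":1000},{"name":"egid","type":"old_gid_t","value":1000}]}
{"eventName":"setregid16","processName":"helper","processId":4177,"args":[{"name":"rgid","type":"old_gid_t","value":65535},{"name":"egid","type":"old_gid_t","value":0}]}
{"eventName":"setregid","processName":"sshd","processId":902,"args":[{"name":"rgid","type":"gid_t","value":0},{"name":"egid","type":"gid_t","value":0}]}
{"eventName":"setregid16","processName":"helper","processId":4177,"args":[{"name":"rgid","type":"old_gid_t","value":65535},{"name":"egid","type":"old_gid_t","value":65535}]}
"""

def widen(gid16):
    """Return the requested GID, or None when the 16-bit value means 'unchanged'."""
    return None if gid16 in (NO_CHANGE_16, -1) else gid16 & 0xFFFF

def review(lines, watched_gids=frozenset({0})):
    """Yield one finding per setregid16 event that requests a watched GID."""
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank, truncated or non-JSON lines
        if not isinstance(event, dict) or event.get("eventName") != "setregid16":
            continue
        args = {a.get("name"): a.get("value")
                for a in event.get("args", []) if isinstance(a, dict)}
        if not all(isinstance(args.get(k), int) for k in ("rgid", "egid")):
            continue  # malformed event: both arguments must be present
        rgid, egid = widen(args["rgid"]), widen(args["egid"])
        hits = sorted(g for g in {rgid, egid} if g in watched_gids)
        if hits:
            yield {
                "pid": event.get("processId"),
                "process": event.get("processName"),
                "rgid": rgid,   # None means the real GID was left unchanged
                "egid": egid,   # None means the effective GID was left unchanged
                "watched": hits,
            }

if __name__ == "__main__":
    for finding in review(SAMPLE_EVENTS.splitlines()):
        print(finding)
```

Without the 65535 handling, the last sample event would be read as a request for GID 65535 rather than as a call that changes nothing.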
Issues
Note that the setregid16 system call has been deprecated in newer versions of Linux in favor of the setregid system call.
Related Events
- setregid system call
This document was automatically generated by OpenAI and needs review. It might not be accurate and might contain errors. The authors of Tracee recommend that the user reads the "events.go" source file to understand the events and their arguments better.