issetugid - determine if current executable is running
setuid or setgid
The issetugid() function enables library functions (in lib-
termlib, libc, or other libraries) to guarantee safe
behavior when used in setuid or setgid programs. Some
library functions might be passed insufficient information
and not know whether the current program was started setuid
or setgid because a higher level calling code might have
made changes to the uid, euid, gid, or egid. These low-level
library functions are therefore unable to determine if they
are being run with elevated or normal privileges.
The issetugid() function should be used to determine if a
path name returned from a getenv(3C) call can be used safely
to open the specified file. It is often not safe to open
such a file because the status of the effective uid is not
The result of a call to issetugid() is unaffected by calls
to setuid(), setgid(), or other such calls. In case of a
call to fork(2), the child process inherits the same status.
The status of issetugid() is affected only by execve() (see
exec(2)). If a child process executes a new executable file,
a new issetugid() status will be based on the existing
process's uid, euid, gid, and egid permissions and on the
modes of the executable file. If the new executable file
modes are setuid or setgid, or if the existing process is
executing the new image with uid != euid or gid != egid,
issetugid() will return 1 in the new process.
The issetugid() function returns 1 if the process was made
setuid or setgid as the result of the last or a previous
call to execve(). Otherwise it returns 0.
The issetugid() function is always successful. No return
value is reserved to indicate an error.
See attributes(5) for descriptions of the following attri-
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
| Interface Stability | Evolving |
| MT-Level | Async-Signal-Safe |
exec(2), fork(2), setuid(2), getenv(3C), attributes(5)
Man(1) output converted with