Every process has a set of associated numeric user identifiers (UIDs) and group identifiers (GIDs). Sometimes, these are referred to as process credentials. These identifiers are as follows:
real user ID and group ID;
effective user ID and group ID;
saved set-user-ID and saved set-group-ID;
file-system user ID and group ID (Linux-specific); and
supplementary group IDs.
In this chapter, we look in detail at the purpose of these process identifiers and describe the system calls and library functions that can be used to retrieve and change them. We also discuss the notion of privileged and unprivileged processes, and the use of the set-user-ID and set-group-ID mechanisms, which allow the creation of programs that run with ...