SetUID and SetGID question

Smoot Carl-Mitchell smoot at
Sun Sep 11 01:01:48 UTC 2011

On Sat, 2011-09-10 at 20:05 +0300, Ioannis Vranos wrote:

> Hi Smoot,
> Thank you for your answer. When enabling both SetUID and SetGID for an
> executable, hasn't it the same effect as enabling SetUID only?

No, it does not have the same effect.  Suppose you have an executable
with uid of "foo" and gid of "bar".  Suppose your own uid is "sam" and
your primary gid is "samsgroup".  Here is the permission of the process
when it runs the executable:

no setuid or setgid:  "sam"  "samsgroup"
setuid only: "foo" "samsgroup"
setgid only "sam" "bar"
setuid and setgid":  ""foo" "bar"

One point of confusion may be most setuid programs have "root" as the
user which means it has access to all system resources.  In that case
the setgid settings is irrelevant.  But setuid and setgid can be used to
set the authorization permissions to any user or group.

Smoot Carl-Mitchell
System/Network Architect
voice: +1 480 922-7313
cell: +1 602 421-9005
smoot at

More information about the ubuntu-users mailing list