D. J. Bernstein

The setuidgid program

setuidgid runs another program under a specified account's uid and gid.


     setuidgid account child
account is a single argument. child consists of one or more arguments.

setuidgid sets its uid and gid to account's uid and gid, removing all supplementary groups. It then runs child.

setuidgid exits 111 if it cannot find a UNIX account named account, if it cannot setgid, if it cannot setuid, or if it cannot run child. Otherwise its exit code is the same as that of child.

setuidgid cannot be run by anyone other than root.