The Linux Security Journey — EUID (Effective User ID)

EUID (Effective User ID) is what is mostly used for determining the permissions of a certain task (process/thread) in a Linux system (https://linuxhandbook.com/uid-linux/). By default, the EUID is equal to the value of RUID, there are also use cases in which those two are different (https://medium.com/@boutnaru/the-linux-security-journey-ruid-real-user-id-b23abcbca9c6).

Moreover, there are use cases in which the EUID is different than the RUID for enabling a non-privileged user to access files which are accessed only by privileged users like root (https://www.geeksforgeeks.org/real-effective-and-saved-userid-in-linux/). For example the case of the utility “passwd” that needs to alter “/etc/shadow” when the user changes a password — as shown in the screenshot below.

Lastly, the EUID is stored in the “euid” field of “struct cred” (https://elixir.bootlin.com/linux/v6.8/source/include/linux/cred.h#L117) that is pointed from the PCB (Process Control Block)/TCB (Thread Control Block) data structure in Linux, which is “struct task_struct” (https://medium.com/@boutnaru/linux-kernel-task-struct-829f51d97275).

See you in my next writeup ;-) You can follow me on twitter — @boutnaru (https://twitter.com/boutnaru). Also, you can read my other writeups on medium — https://medium.com/@boutnaru. You can find my free eBooks at https://TheLearningJourneyEbooks.com.