From 715e4bec08a4510273d84929d09a18d185dfb372 Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Sat, 17 Oct 2009 07:35:40 +0200 Subject: [PATCH] setreuid.2: Add more detail on POSIX.1 specification for these syscalls Signed-off-by: Michael Kerrisk --- man2/setreuid.2 | 32 ++++++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/man2/setreuid.2 b/man2/setreuid.2 index cae287ffe..530a4d020 100644 --- a/man2/setreuid.2 +++ b/man2/setreuid.2 @@ -40,7 +40,7 @@ .\" 2004-07-04 by aeb .\" 2004-05-27 by Michael Kerrisk .\" -.TH SETREUID 2 2007-07-26 "Linux" "Linux Programmer's Manual" +.TH SETREUID 2 2009-10-17 "Linux" "Linux Programmer's Manual" .SH NAME setreuid, setregid \- set real and/or effective user or group ID .SH SYNOPSIS @@ -68,16 +68,12 @@ Supplying a value of \-1 for either the real or effective user ID forces the system to leave that ID unchanged. Unprivileged processes may only set the effective user ID to the real user ID, -the effective user ID or the saved set-user-ID. +the effective user ID, or the saved set-user-ID. -POSIX: It is unspecified whether unprivileged processes may set the -real user ID to the real user ID, the effective user ID or the -saved set-user-ID. - -Linux: Unprivileged users may only set the real user ID to +Unprivileged users may only set the real user ID to the real user ID or the effective user ID. -Linux: If the real user ID is set or the effective user ID is set to a value +If the real user ID is set or the effective user ID is set to a value not equal to the previous real user ID, the saved set-user-ID will be set to the new effective user ID. 
@@ -117,6 +113,26 @@ function calls first appeared in 4.2BSD). Setting the effective user (group) ID to the saved set-user-ID (saved set-group-ID) is possible since Linux 1.1.37 (1.1.38). + +POSIX.1 does not specify all of possible ID changes that are permitted +on Linux for an unprivileged process. +For +.BR setreuid (), +the effective user ID can be made the same as the +real user ID or the save set-user-ID, +and it is unspecified whether unprivileged processes may set the +real user ID to the real user ID, the effective user ID, or the +saved set-user-ID. +For +.BR setregid (), +the real group ID can be changed to the value of the saved set-group-ID, +and the effective group ID can be changed to the value of +the real group ID or the saved set-group-ID. +The precise details of what ID changes are permitted vary +across implementations. + +POSIX.1 makes no specification about the effect of these calls +on the saved set-user-ID and saved set-group-ID. .SH "SEE ALSO" .BR getgid (2), .BR getuid (2),
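Review bot: In the @@ -68,16 +68,12 hunk, removing the "Linux:" labels leaves "Unprivileged users may only set the real user ID to the real user ID or the effective user ID" and the saved set-user-ID rule reading as general guarantees. The text added later in this same patch says POSIX.1 leaves the real user ID case unspecified and makes no specification about the saved set-user-ID. Privilege-dropping code built on setreuid() depends on exactly these rules, so a reader who stops at this paragraph could take Linux behaviour as portable. I would either keep a short "On Linux," qualifier on those two sentences or add a sentence here pointing to the POSIX.1 discussion. Minor: the paragraph now says "Unprivileged processes" in one sentence and "Unprivileged users" in the next; pick one term.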
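Review bot: Two wording slips in the paragraph added by the @@ -117,6 +113,26 hunk: "all of possible ID changes" should read "all of the possible ID changes", and "the save set-user-ID" should read "the saved set-user-ID", matching the spelling used three lines further down. The second one matters for anyone searching the page for "saved set-user-ID". The closing sentence about POSIX.1 making no specification on the saved IDs would also be easier to act on if it referred back to the rule in the description that says when the saved set-user-ID is reset, since that is the behaviour it qualifies.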