File System UID and GID in Linux – Understanding and Usage

filesystems, linux, users

I came across a linux kernel tutorial and there they talked about 4 pairs of identifiers and one of them was file system uid and gid.

Could someone explain to me what it is and how it is different from uid and gid?

Best Answer

Who would have thought that this question would drag out such a collection of overconfident and underinformed responses!

The file system uid or fsuid is a Linux feature designed to help the NFS server implementation. It is an extra (non-POSIX) uid which is used only for file permission checks. For any process that doesn't call setfsuid (basically any process that's not trying to be an NFS server), the fsuid is the same as the effective uid.

There's even a man page for it, so no excuse for claiming it doesn't exist.

Update: I was inspired to go find the origin of fsuid. When it was added in Linux 1.1.44, this comment was put above the new sys_setfsuid function:

+/*
+ * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
+ * is used for "access()" and for the NFS daemon (letting nfsd stay at
+ * whatever uid it wants to). It normally shadows "euid", except when
+ * explicitly set by setfsuid() or for access..
+ */
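Review bot: the last sentence of the new comment is ambiguous and ends with a doubled period ("or for access.."); "explicitly set by setfsuid() or for access" does not say what access() does with the fsuid. Suggest "except when explicitly set by setfsuid(), or temporarily while access() runs." so a reader of the header does not have to find the sys_access comment to understand the second case.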

and this change was made in the comment above sys_access:

- * XXX we should use the real ids for checking _all_ components of the
- * path.  Now we only use them for the final component of the path.
+ * access() needs to use the real uid/gid, not the effective uid/gid.
+ * We do this by temporarily setting fsuid/fsgid to the wanted values
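Review bot: the comment documents the temporary fsuid/fsgid switch but not that the original values are restored before access() returns, including on error paths; a reader could assume the change is visible to the caller. Suggest adding a line such as " * and restoring them before returning, so userspace never observes the change." since a missed restore would leave the process doing all later file checks as the real uid.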

So NFS was one of the original two purposes. The other was making access() work correctly. access() is used by setuid programs to determine whether the real user would have access to a file without the additional privileges of the setuid. Before 1.1.44 it was buggy. Since then, it's been using a temporary change of fsuid to do the work. Since the fsuid is restored before the access() system call returns, you'll never actually see the change from userspace.
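The shadowing and the temporary swap described above, as an added C example that is not part of the original answer: it assumes Linux with glibc's sys/fsuid.h, uses the setfsuid(-1) idiom from the man page to read the current fsuid, and assumes uid 65534 is an unprivileged account and that /etc/shadow is not world-readable.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/fsuid.h>
#include <unistd.h>

/* Read the caller's fsuid without changing it: setfsuid() always returns
 * the previous fsuid, and (uid_t)-1 is never a valid uid, so the "set"
 * part fails while the return value still reports where we are. */
uid_t current_fsuid(void)
{
    return (uid_t)setfsuid((uid_t)-1);
}

/* Unless setfsuid() has been called explicitly, the fsuid shadows the
 * effective uid: this holds for any ordinary process. */
int fsuid_shadows_euid(void)
{
    return current_fsuid() == geteuid();
}

/* Mimic what access() does in the kernel: switch only the fsuid, try the
 * file, restore the fsuid before returning.  Returns 1 if the open was
 * permitted, 0 if refused with EACCES, -1 on any other error.  Switching
 * to a different uid needs CAP_SETUID; an unprivileged caller's setfsuid()
 * to a foreign uid silently fails, so only its own uid is meaningful. */
int open_permitted_as_fsuid(const char *path, uid_t uid)
{
    uid_t saved = current_fsuid();
    setfsuid(uid);
    int fd = open(path, O_RDONLY);
    int err = errno;
    setfsuid(saved);                /* restore before returning */
    if (fd >= 0) { close(fd); return 1; }
    return err == EACCES ? 0 : -1;
}

int main(void)
{
    printf("uid=%u euid=%u fsuid=%u\n", (unsigned)getuid(),
           (unsigned)geteuid(), (unsigned)current_fsuid());
    /* As root: euid stays 0, yet the open is judged as uid 65534 (assumed
     * to be "nobody") and is refused on a root-only file. */
    if (geteuid() == 0)
        printf("open(/etc/shadow) with fsuid 65534 permitted: %d\n",
               open_permitted_as_fsuid("/etc/shadow", 65534));
    return 0;
}
```

Run it as an ordinary user to see fsuid equal to euid, and as root to see a permission check fail while geteuid() still reports 0.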
