The whoami command is just like id, except that it shows only the effective user ID, not all the other information.
The su command enables you to become the superuser if you know the root password.
The trick is that the su program is a setuid program. That means that when it is run, the effective user ID of the process will be that of the file's owner rather than the effective user ID of the process that performed the exec call. (The real user ID will still be that of the executing user.)
To create a setuid program, you use chmod +s at the command line, or use the S_ISUID flag if calling chmod programmatically.
For example, consider the http://siber.cankaya.edu.tr/SystemsProgramming/cfiles/setuid-test.c program in Fig. 11.3
Figure 11.3:
Setuid Demonstration Program.
$ ./setuid-test
$ chmod +s setuid-test
$ ls -la
$ ./setuid-test
$ ls -la
$ su
$ ./setuid-test
Note that the effective user ID is set to 0 when the program is run.
su is capable of changing the effective user ID through this mechanism. It runs initially with an effective user ID of 0.
Then it prompts you for a password. If the password matches the root password, it sets its real user ID to be root as well and then starts a new shell.
Take a look at the permissions on the su program:
$ ls -l /bin/su
Notice that it's owned by root and that the setuid bit is set.
Note that su doesn't actually change the user ID of the shell from which it was run. Instead, it starts a new shell process with the new user ID. The original shell is blocked until the new shell completes and su exits.
