### **Task 1: User IDs and Special Permissions in Linux**

#### **1. Three Types of User IDs in Linux**
1. **Real User ID (RUID)**:
   - Identifies the user who owns the process.
   - Used to check access permissions for files and directories.
   
2. **Effective User ID (EUID)**:
   - Determines the privileges of the process.
   - Can temporarily be different from the RUID when a program runs with SUID.

3. **Saved User ID (SUID)**:
   - Stores the EUID for processes that temporarily switch privileges and want to revert later.

---

#### **2. Purposes of SUID, SGID, and Sticky Bit**
1. **SUID (Set User ID)**:
   - Allows a program to run with the file owner’s privileges, regardless of the user executing it.
   - Example: `/usr/bin/passwd` uses SUID so users can modify `/etc/shadow`.

2. **SGID (Set Group ID)**:
   - When set on files, the file runs with the group owner’s privileges.
   - When set on directories, files created inside inherit the directory's group ownership.

3. **Sticky Bit**:
   - Ensures only the file owner (or root) can delete or modify files in a directory.
   - Example: `/tmp` directory.

---

#### **3. Difference Between "s" and "S" in Permissions**
- **"s"**: Indicates SUID/SGID is active and executable permission is also set.
- **"S"**: Indicates SUID/SGID is active but executable permission is **not** set.

Example:
```bash
-rwsr-xr-x  1 root root 40960 /usr/bin/passwd  # "s": SUID is active, executable set
-r-Sr--r--  1 root root 40960 /somefile        # "S": SUID is active, executable not set
```

---

#### **4. Sticky Bit on a Directory**
- **Effect**: Users can create files, but only the file owner (or root) can delete or modify them.
- **Use Case**: Commonly set on `/tmp` to ensure multi-user security.

---

#### **5. SUID as a Security Risk**
- If a program with SUID has vulnerabilities, attackers can exploit it to gain root privileges.
- Example: Buffer overflow in a SUID program.

---

#### **6. Potential Issues Without Sticky Bit on `/tmp`**
- Users could delete or modify other users' files, causing disruptions in a shared environment.

---

#### **7. Setting Up a Directory for Group `sports`**
1. **Steps**:
   ```bash
   mkdir ~/sports_dir
   chgrp sports ~/sports_dir
   chmod 2770 ~/sports_dir  # SGID for group ownership and write permissions
   chmod +t ~/sports_dir    # Sticky bit for user-deletion protection
   ```

2. **Verify Permissions**:
   ```bash
   ls -ld ~/sports_dir
   ```

---

#### **8. Modifying SUID for `/usr/bin/passwd`**
1. **Verify Permissions**:
   ```bash
   ls -l /usr/bin/passwd
   ```

2. **Remove SUID and Test**:
   ```bash
   sudo chmod u-s /usr/bin/passwd  # Changing a root-owned file's mode requires root
   passwd  # Try changing the password; it will fail.
   ```

3. **Reset SUID**:
   ```bash
   sudo chmod u+s /usr/bin/passwd
   passwd  # Test again; it will succeed.
   ```

---

#### **9. Find Files with SUID, SGID, or Sticky Bit**
- **Command**:
   ```bash
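   # /7000 matches any of SUID (4000), SGID (2000) or sticky bit (1000);
   # directories are included because the sticky bit is normally set on them.
   find / -perm /7000 \( -type f -o -type d \) 2>/dev/null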
   ```
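
The search above lists every match without saying which bit is set or whether it shows as "s" or "S". The following is an added example, not part of the original notes, that classifies each finding and also flags world-writable directories that lack the sticky bit (the `/tmp` problem from section 6); the function names `report` and `audit_special_bits` and the output labels are this example's own.

```bash
#!/usr/bin/env bash
# Added example: classify special permission bits under a directory tree.
# Output: one "label<TAB>path" line per finding, sorted.
# The labels are this example's own naming, not standard tool output.

# report LABEL ROOT FIND-TESTS... : print paths matching the tests, prefixed with LABEL.
report() {
    local label=$1 root=$2
    shift 2
    # -xdev stays on one filesystem; "{} +" batches paths into few printf calls.
    find "$root" -xdev "$@" -exec printf "${label}\t%s\n" {} + 2>/dev/null
}

audit_special_bits() {
    local root=${1:?usage: audit_special_bits DIR}
    {
        # "s": SUID set and owner-execute set (runs with the file owner's EUID).
        report suid-exec    "$root" -type f -perm -4000 -perm -0100
        # "S": SUID set but owner-execute missing (usually a chmod mistake).
        report suid-noexec  "$root" -type f -perm -4000 ! -perm -0100
        # Same split for SGID on regular files, keyed on group-execute.
        report sgid-exec    "$root" -type f -perm -2000 -perm -0010
        report sgid-noexec  "$root" -type f -perm -2000 ! -perm -0010
        # SGID directory: files created inside inherit the directory's group.
        report sgid-dir     "$root" -type d -perm -2000
        report sticky-dir   "$root" -type d -perm -1000
        # World-writable directory without sticky bit: users can delete each other's files.
        report no-sticky-ww "$root" -type d -perm -0002 ! -perm -1000
    } | LC_ALL=C sort
}

# Usage: audit_special_bits /usr/bin
```

Comparing the `suid-exec` list against a known-good baseline for the distribution is a quick way to spot an unexpected SUID binary.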

---

### **Task 2: Password Security and Access Control**

#### **1. Protection of `/etc/shadow`**
- **Reason**: Contains hashed passwords; only root or programs with appropriate permissions (e.g., `passwd` with SUID) can access it.

---

#### **2. Advantages of SUID Over Daemons**
- **SUID**:
   - Temporary privilege escalation.
   - Easier to manage and audit.
   - Uses fewer system resources than daemons.
- **Daemons**:
   - Always running, consuming memory and CPU.

---

#### **3. ACLs vs. Traditional File Permissions**
1. **Traditional Permissions**:
   - Limited to owner, group, and others.
2. **ACLs (Access Control Lists)**:
   - Allow fine-grained control over access for specific users or groups.
   - Example: Setting permissions for multiple users on the same file.

---

#### **4. Linux Password Security**
- **Hashing**: Prevents storing passwords in plain text.
- **Salt**:
   - Adds randomness to the hash to prevent precomputed attacks like rainbow tables.
   - Ensures unique hashes for identical passwords.

---

#### **5. Encoding, Hashing, and Encryption**
- **Encoding**:
   - Converts data into a different format for transmission or storage.
   - Example: Base64 encoding.

- **Hashing**:
   - One-way transformation of data.
   - Example: Storing passwords using SHA-256.

- **Encryption**:
   - Secures data with a reversible transformation using a key.
   - Example: AES (symmetric encryption) or RSA (asymmetric encryption).

---

#### **6. Symmetric vs. Asymmetric Encryption**
1. **Symmetric Encryption**:
   - Same key for encryption and decryption.
   - Example: AES.
   - **Limitation**: Key distribution is challenging.

2. **Asymmetric Encryption**:
   - Uses a public key for encryption and a private key for decryption.
   - Example: RSA.
   - **Advantage**: Eliminates the need to share private keys.
