# User IDs
## Note: Run the notebook as a regular user

- every user on a \*nix system has a unique user ID number
- the **id** command displays a user's ID

In [1]:
! id

uid=0(root) gid=0(root) groups=0(root)


In [2]:
! id -u

0


In [3]:
! id user

uid=1000(user) gid=1000(user) groups=1000(user),27(sudo)


## add 2 users to the system
- add tom and jerry as users to experiment with the notesearch program provided by the Hacking book
    - `$ sudo adduser tom`
    - `$ sudo adduser jerry`

In [4]:
! id tom

id: ‘tom’: no such user


In [6]:
! id jerry

uid=1004(jerry) gid=1004(jerry) groups=1004(jerry)


In [7]:
! finger tom

Login: tom            			Name: Tom Cat
Directory: /home/tom                	Shell: /bin/bash
Office: 123, x3132			Home Phone: 23-2323
Never logged in.
No mail.
No Plan.


## Setuid programs
- some programs need to be accessible to all users
- all users need to access and modify common files like /etc/passwd, /etc/shadow
- how's that possible?
    - the **setuid** flag to the rescue
- **setuid** programs have an **s** in the ls -l output
    - e.g., see the passwd and chsh programs
    - these programs are owned by root
    - they run as the root user no matter which user runs them
    - the logic is written in such a way that each user can modify only the line pertaining to that user
- a running program can have both a real user ID and an effective user ID
    - these can be retrieved using getuid() and geteuid() respectively
    - see booksrc/uid_demo.c

In [5]:
# password file with user info
! ls -l /etc/passwd /etc/shadow

-rw-r--r-- 1 root root   2999 Feb  3 13:22 /etc/passwd
-rw-r----- 1 root shadow 1717 Feb  3 13:22 /etc/shadow


In [6]:
# password and chsh programs
! ls -l $(which passwd)  $(which chsh)

-rwsr-xr-x 1 root root 47904 Jul 16  2019 /usr/bin/chsh
-rwsr-xr-x 1 root root 66284 Jul 16  2019 /usr/bin/passwd


### booksrc/uid_demo.c

In [7]:
! cat ./booksrc/uid_demo.c

#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

int main()
{
   printf("real uid: %d\n", getuid());
   printf("effective uid: %d\n", geteuid());
}


In [8]:
%%bash
in=./booksrc/uid_demo.c
out=uid_demo.out
gcc -o $out $in

In [9]:
! ./uid_demo.out

real uid: 0
effective uid: 0


In [None]:
! ls -l uid_demo.out

Change the ownership to root from a terminal, as it requires sudo privilege

`sudo chown root:root ./uid_demo.out`

In [None]:
%%bash
ls -l uid_demo.out
./uid_demo.out

Set the setuid flag from a terminal

`sudo chmod u+s ./uid_demo.out`

In [None]:
%%bash
ls -l uid_demo.out
./uid_demo.out
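
Once a binary is root-owned and setuid, a regular user who runs it gets an effective UID that differs from the real UID. The following is an added example, not code from the book or this notebook: it detects that state and permanently drops back to the real UID, then verifies the drop. The function names `has_setuid_bit`, `is_running_setuid` and `drop_privileges` are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* expose setreuid()/seteuid() under strict -std modes */
#endif
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>

/* 1 if a file mode carries the setuid bit (the "s" shown by ls -l). */
int has_setuid_bit(mode_t mode)
{
    return (mode & S_ISUID) != 0;
}

/* 1 if the process is running setuid: effective UID differs from real UID. */
int is_running_setuid(void)
{
    return getuid() != geteuid();
}

/* Permanently drop to the real UID and verify it. 0 on success, -1 on failure.
 * Only user IDs are handled; a setgid program needs the same for group IDs. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    uid_t old_euid = geteuid();

    /* Setting the real UID also resets the saved set-user-ID on Linux. */
    if (setreuid(ruid, ruid) != 0)
        return -1;
    /* If the old effective UID can be restored, the drop was not permanent. */
    if (old_euid != ruid && seteuid(old_euid) == 0)
        return -1;
    return (getuid() == ruid && geteuid() == ruid) ? 0 : -1;
}

int main(void)
{
    printf("before: real=%u effective=%u setuid=%d\n",
           (unsigned)getuid(), (unsigned)geteuid(), is_running_setuid());
    if (drop_privileges() != 0) {
        fprintf(stderr, "privilege drop failed\n");
        return 1;
    }
    printf("after:  real=%u effective=%u setuid=%d\n",
           (unsigned)getuid(), (unsigned)geteuid(), is_running_setuid());
    return 0;
}
```

Compiled and given the same `chown` and `chmod u+s` treatment as uid_demo.out, the "before" line shows the differing IDs and the "after" line shows both equal to the invoking user's ID.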

## compile simplenote.c in booksrc
- add several notes for the logged-in user
- try adding notes for other users
    - how do we fix the problem?
    - better program... booksrc/notetaker.c

In [None]:
! gcc -o simplenote.out ./booksrc/simplenote.c

In [None]:
! ls -al /tmp/notes

## compile notetaker.c in hacking/booksrc
- set setuid
- add several notes for each user
- notes are written to /var/notes instead of /tmp/notes