We talked about users
in the previous video. Now, we're going
to go onto groups. Because as I said,
groups are very often overlooked as a source of
potential danger, but they are. Again, there's a series of
system calls that will get you information about the group that the program belongs to. On many systems, a program
can be in multiple groups. So as the program is running
there is one group known as the primary group
that's typically stored in the
authentication database. Then there are a number
of other groups. There may be zero,
there may be many, called secondary groups, and those are stored
into different file. When the process runs, it runs with the privileges
of all of those groups. Here's how you get
that information. You get the real
ineffective group. Then again, there's a saved
group number, saved GID. The get groups returns
the secondary groups. N is the number of
secondary groups you want. If n is zero, it tells you
how many groups there are. Then you can set
n to that number, issue the system call again
and you'll get an array of integers or actually
group IDs; one per group. If you don't do that first step and you give it a number
that's too small. So the program is in process or the program is in more groups
than there's room, it simply gives you an error. Here's how you do the setting
and these are, again, exactly analogous to this set UID functions that were
in the previous video. Again here, you can change the groups that a processes in. Getting the group names, mapping between group ID,
numeric group IDs, and the names is very similar to mapping between
UIDs and usernames, except here the functions
are called get gr_gid and get gr and em. The first one takes
a numeric group ID and returns information
about the group. Again, if there's no information
in the group database, it's simply returns
a null pointer. Get gr_name is similar, but it takes
the group name and then returns information
about that group. Now, the one trick you
have to know about here is that in the group structure that
those two functions return, there is a field called gr_mem, which is null terminated. It contains a list of
the members of that group. So this way you can see
who is in the group and that list is a set of names. It is not a a set of usernames. It is not user IDs.