How Normal User Update Shadow File On Password Change

Posted: August 7, 2013 in Uncategorized
In general normal user don’t have access to /etc/shadow file as this file have 400 permission but still normal user can modify this file while changing his password. Following explanation will help you to solve this doubt.
[root@afzalkhan ~]#which passwd
/usr/bin/passwd

[root@afzalkhan ~]#ls -l  /usr/bin/passwd
-rwsr-xr-x 1 root root 27768 Feb  6  2012 /usr/bin/passwd

The permission on command binary /usr/bin/passwd is 4755 mean any user can execute it and suid is set on it mean, it must be executed as root it’s dose not matter who is executing it, and root have authority to update any file .
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s