how local user able to change password?
I have been thinking how normal users are able to change their password. I heard the linux password file reside encrypted at the /etc/shadow file which has root permission only. then how are we able to change our password if we cannot access the shadow file?
|
You use the "passwd" program. It is an suid root program. If you run it as a normal user, you can only change your own password. If you run it as root, you can change anyones password. When the program edits the /etc/passwd & /etc/shadow files, it does so as the root user.
|
then is there no other way to view /etc/shadow by a local user?
|
No, not unless the privileges on the file have been set wrong, or someone made an editor or something setruid root or gained root (or group shadow) on your system.
Quote:
See 'man shadow' and the stuff in /usr/doc/shadow-(version)/. |
All times are GMT -5. The time now is 07:42 AM. |