LinuxQuestions.org - [SOLVED] How can the non-root users change their password if.......

- Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)

- - How can the non-root users change their password if....... (https://www.linuxquestions.org/questions/linux-newbie-8/how-can-the-non-root-users-change-their-password-if-823221/)

challavijay

07-31-2010 08:24 AM

How can the non-root users change their password if.......

Hi fnds,
This is my first thread. Nice to meet you all.
I have one question regarding the file permissions of /etc/passwd in fact it has permissions like rw-r--r--so it says others have only
read only permissions but my questions is if others has read only permissions on /etc/passwd file.how they are able to change their password i.e others are able to change their passwords then how it is possible.

please let me know how it works
Thank you in advance

djsmiley2k

07-31-2010 08:32 AM

I'd presume that when passwd is called, it creates a process with the abilty to write to this file (as root) after checking the user is authorised.

The reason everyone can read it is so that other processes may check the given password is correct, but may not change the password.

bathory

07-31-2010 08:40 AM

It's because /usr/bin/passwd runs suid root
Read this for a complete explanation

Regards

arizonagroovejet

07-31-2010 02:55 PM

bathory answered your question but I'll add that unless you're running a version of *nix from several decades ago, passwords are stored in /etc/shadow, not /etc/passwd.

All times are GMT -5. The time now is 06:53 AM.