LinuxQuestions.org


tvdtharindu 09-20-2018 11:56 PM

non-root permission to the /etc/shadow?
 
A regular user needs to change his password. Users' encrypted passwords are stored in /etc/shadow, a file which can only be modified by the root user. How can a non-root user change his own password when he does not have write permission to /etc/shadow?

berndbausch 09-21-2018 12:38 AM

Quote:

Originally Posted by tvdtharindu (Post 5905988)
A regular user needs to change his password. Users' encrypted passwords are stored in /etc/shadow, a file which can only be modified by the root user. How can a non-root user change his own password when he does not have write permission to /etc/shadow?

The passwd program has the setuid bit. It's the "s" in "rws" below:
Code:

$ ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 54256 May 17  2017 /usr/bin/passwd

The effect is that a passwd process adopts the identity of the owner, in this case root. This is how it can modify the shadow file.

Lots of detail in Wikipedia.
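
The setuid behaviour described in the post above, as an added example that is not part of the original thread: it renders a file mode the way `ls -l` does and models which effective UID a process gets after exec. The function names `mode_string` and `euid_after_exec` are hypothetical, and the model is simplified (it ignores nosuid mounts, no_new_privs and the fact that Linux ignores setuid on scripts).

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

/* Render st_mode as `ls -l` does; setuid/setgid replace the owner/group 'x'. */
void mode_string(mode_t m, char out[11])
{
    static const char rwx[] = "rwxrwxrwx";
    strcpy(out, "----------");
    if (S_ISDIR(m)) out[0] = 'd';
    for (int i = 0; i < 9; i++)
        if (m & (0400 >> i)) out[i + 1] = rwx[i];
    /* lowercase 's' = bit set and executable, uppercase 'S' = bit set, not executable */
    if (m & S_ISUID) out[3] = (m & S_IXUSR) ? 's' : 'S';
    if (m & S_ISGID) out[6] = (m & S_IXGRP) ? 's' : 'S';
}

/* Simplified model (an assumption of this example): a regular file with the
 * setuid bit runs with the file owner's UID as effective UID; otherwise the
 * caller's UID is kept. The real UID never changes. */
uid_t euid_after_exec(mode_t m, uid_t owner, uid_t caller)
{
    return (S_ISREG(m) && (m & S_ISUID)) ? owner : caller;
}

int main(void)
{
    const char *path = "/usr/bin/passwd";   /* path taken from the thread */
    struct stat st;
    char buf[11];

    if (stat(path, &st) != 0) { perror(path); return 1; }
    mode_string(st.st_mode, buf);
    printf("%s owner uid=%u %s\n", buf, (unsigned)st.st_uid, path);
    printf("this process: real uid=%u, effective uid=%u\n",
           (unsigned)getuid(), (unsigned)geteuid());
    printf("effective uid after exec of %s: %u\n", path,
           (unsigned)euid_after_exec(st.st_mode, st.st_uid, getuid()));
    return 0;
}
```

Run as a regular user, the last line reports the owner's UID (0 for root) only when the file carries the setuid bit, which is why passwd can write /etc/shadow while the invoking user cannot.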

tvdtharindu 09-21-2018 03:32 AM

Quote:

Originally Posted by berndbausch (Post 5905998)
The passwd program has the setuid bit. It's the "s" in "rws" below:
Code:

$ ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 54256 May 17  2017 /usr/bin/passwd

The effect is that a passwd process adopts the identity of the owner, in this case root. This is how it can modify the shadow file.

Lots of detail in Wikipedia.

Thanks, berndbausch.

I did a bit of research and found some details, but couldn't combine all of them. Your answer completed my query.

