Quote:
Originally Posted by tvdtharindu
A regular user needs to change his password. Users' encrypted password is stored in /etc/shadow a file which can only be modified by the root user. How a non-root user can change his own password when he does not have write permission to the /etc/shadow?
|
The passwd program has the setuid bit. It's the "s" in "rws" below:
Code:
$ ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 54256 May 17 2017 /usr/bin/passwd
The effect is that a passwd process adopts the identity of the owner, in this case root. This is how it can modify the shadow file.
Lots of detail in
Wikipedia.