6

I've noticed that normal users can change their own passwords without sudo. But as far as I know, changing a password requires writing to the /etc/shadow file, which is accessible only by root.

How does that happen??

Chen

2 Answers

7

The passwd program is installed setuid root:

$ ls -l `which passwd`
-rwsr-xr-x 1 root root 41284 Sep 12  2012 /usr/bin/passwd

Note the s in the fourth position. This is a flag that can be set in the file permissions that tells Linux to assume the privileges of the user that owns the executable when it is run - in this case, root.

pobrelkey
  • But to change the password, the program has to write to the password database. I suppose only root can access that database (otherwise any normal user would be able to change the database directly). So the problem is, if someone cannot change the password database, how do they change their password? – Chen Oct 27 '13 at 16:29
  • The setuid flag means `passwd` runs with the privileges of root, not of the user that invokes it - therefore the `passwd` program can read/write `/etc/shadow`. – pobrelkey Oct 27 '13 at 17:07
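
The `s` in the listing above, decoded from the file mode in C; this is an added example, not code from the original answers. `xslot`, `mode_string` and `is_setuid_root` are hypothetical helper names, and `/usr/bin/passwd` is the path shown in the listing.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Execute-slot letter: lower case = special bit + execute, upper = special bit only. */
static char xslot(int exec, int special, char lo, char up)
{
    if (special) return exec ? lo : up;
    return exec ? 'x' : '-';
}

/* Render the permission column as `ls -l` prints it, e.g. "-rwsr-xr-x". */
void mode_string(mode_t m, char out[11])
{
    out[0] = S_ISDIR(m) ? 'd' : S_ISLNK(m) ? 'l' : '-';
    out[1] = (m & S_IRUSR) ? 'r' : '-';
    out[2] = (m & S_IWUSR) ? 'w' : '-';
    out[3] = xslot(m & S_IXUSR, m & S_ISUID, 's', 'S');
    out[4] = (m & S_IRGRP) ? 'r' : '-';
    out[5] = (m & S_IWGRP) ? 'w' : '-';
    out[6] = xslot(m & S_IXGRP, m & S_ISGID, 's', 'S');
    out[7] = (m & S_IROTH) ? 'r' : '-';
    out[8] = (m & S_IWOTH) ? 'w' : '-';
    out[9] = xslot(m & S_IXOTH, m & S_ISVTX, 't', 'T');
    out[10] = '\0';
}

/* Nonzero for a regular file with the setuid bit, owner uid 0 and at least
 * one execute bit. Mount options such as nosuid are not visible in the mode. */
int is_setuid_root(mode_t m, uid_t owner)
{
    return S_ISREG(m) && (m & S_ISUID) && owner == 0 &&
           (m & (S_IXUSR | S_IXGRP | S_IXOTH));
}

int main(void)
{
    const char *path = "/usr/bin/passwd";   /* path from the listing above */
    struct stat st; char perms[11];
    if (stat(path, &st) != 0) { perror(path); return 1; }
    mode_string(st.st_mode, perms);
    printf("%s owner=%u setuid-root=%s\n", perms, (unsigned)st.st_uid,
           is_setuid_root(st.st_mode, st.st_uid) ? "yes" : "no");
    /* This checker is not setuid, so both values are the caller's uid. */
    printf("ruid=%u euid=%u\n", (unsigned)getuid(), (unsigned)geteuid());
    return 0;
}
```

The same two helpers can be pointed at any path when auditing which binaries on a system run with root's effective UID.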
0

A user can just change the password by running

passwd

from the Linux command line.

user702300
  • This is true, but it doesn't explain how passwd is able to write to the /etc/shadow file. – 8128 Oct 14 '14 at 09:50