Solved

how the normal user is  able to  change the  /etc/passwd file though he is not having the permission in linux

Posted on 2012-03-17
4
290 Views
Last Modified: 2012-06-27
how the normal user is  able to  change the  /etc/passwd file though he is not having the  write permission  to change the file in linux

and /etc/shadow  have only  read permission for  root user and no access for others

how the changes happening when they are changing the password
0
Comment
Question by:greensuman
  • 2
4 Comments
 
LVL 31

Accepted Solution

by:
farzanj earned 500 total points
ID: 37732651
Well, there are certain pieces of information that user can change in the /etc/passwd file.  He can change the shell by using command chsh and his/her information using chfn.

In /etc/shadow, user can change his/her password using passwd, thus changing the file.

All of the above utilities can by run by common users with root privileges because
1.  These are all binaries.
2.  They all have UID set thus if you do ls -l you would see something like
-rwsr-xr-x 1 root shadow 81856 May  8  2010 /usr/bin/passwd
0
 
LVL 14

Expert Comment

by:systan
ID: 37732661
its not normal, it's impossible

or
maybe logged in as a normal user then changed permission using the "su"

or
maybe knows the administrator account, by hooking up when administrator types the user-name and password to logged in.

or
a linux hacker that waits for the user to logged with the network using administrators account.
This is one good reason why admin not to use full administrative account mode during logging-in in the internet or local network.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 37732666
When a user changes their password it is NOT the user that makes the changes, it is a process that runs with elevated priveledges.

Standard users do not, as you correctly stated, have the ability to directly chage these files, only via the tools that are provided.
0
 
LVL 31

Expert Comment

by:farzanj
ID: 37732688
A normal user DOES change these files by using the utilities I mentioned above.  Yes, these utilities of course run as process--every program runs as at least one process with at least one thread each.  But that is not the point.  The point is that set UID permission empowers a common user by running with the utility's own's effective UID, which in this case is root.  So a common user HAS the ability to change those files due to SUID of these binaries.

For further details take a look at
http://en.wikipedia.org/wiki/Setuid
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Access_log 17 121
issue in getting eth0 IP in oracale virtual box Linux VM 4 54
VMware Workstation 12 Player 16 76
awk variable in printf 1 25
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question