asked on

how the normal user is able to change the /etc/passwd file though he is not having the permission in linux

how the normal user is able to change the /etc/passwd file though he is not having the write permission to change the file in linux

and /etc/shadow have only read permission for root user and no access for others

how the changes happening when they are changing the password

ASKER CERTIFIED SOLUTION

farzanj

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

systan

its not normal, it's impossible

or
maybe logged in as a normal user then changed permission using the "su"

or
maybe knows the administrator account, by hooking up when administrator types the user-name and password to logged in.

or
a linux hacker that waits for the user to logged with the network using administrators account.
This is one good reason why admin not to use full administrative account mode during logging-in in the internet or local network.

Neil Russell

When a user changes their password it is NOT the user that makes the changes, it is a process that runs with elevated priveledges.

Standard users do not, as you correctly stated, have the ability to directly chage these files, only via the tools that are provided.

farzanj

A normal user DOES change these files by using the utilities I mentioned above. Yes, these utilities of course run as process--every program runs as at least one process with at least one thread each. But that is not the point. The point is that set UID permission empowers a common user by running with the utility's own's effective UID, which in this case is root. So a common user HAS the ability to change those files due to SUID of these binaries.

For further details take a look at
http://en.wikipedia.org/wiki/Setuid