When user changes his password if shadowing is enabled then changes occur in the /etc/shadow file automatically.How?I want to know how this happens although in Linux,normal users don't have the access to this shadow file.How this exactly works??????How can user change his password in Linux although he is not having the access to shadow file?
In order to change your password you generally use passwd. So if you look at the passwd program you will notice something interesting:
ls -la /usr/bin/passwd
-rwsr-xr-x 1 root root 19480 2008-08-31 15:29 /usr/bin/passwd
Compare this to bash:
ls -la /bin/bash
-rwxr-xr-x 1 root root 549188 2009-01-29 06:35 /bin/bash
Note that the passwd program has a 's' in it's permissions for owner? What this means is that when the passwd program is run, it inherits the ownership of the executable (in this case, root) and whilst the user has no access to the /etc/shadow file, root does.
You can set this special bit on a file of your own. For example (though NOT recommended) you could make rm always run as root, meaning ANYONE on the system could delete ANY file by doing this:
chmod u+s /bin/rm
Of course, this needs to be run as root :)
NOTE that some Linux systems will prohibit scripts from utilising this feature due to there inherent insecure nature (which I personally disagree with).How can user change his password in Linux although he is not having the access to shadow file?
The user does not make the change to the shadow file but the system records the change. There are very many files that the user does not have access to but when the user does some action there is a change made by the system to record the action.
Every time the user logs on it is recorded and the user does not have access to change the log files.How can user change his password in Linux although he is not having the access to shadow file?
Usually you talk to something that can change the /etc/shadow file like PAM (pluggable authentication module).
Subscribe to:
Post Comments
(Atom)
No comments:
Post a Comment