| Linux : Change root passsword
with passwd
I know my root password. I want to change it. Can I simply use the passwd command? ---------------------/ You could change your root password with passwd even if you didn't know your current password. ---------------------/ One interesting question here .... As per my knowledge, /etc/passwd file or /etc/shadow files are owned by root having read permission to owner only. I am not a root and still i can write to these files (when i change my password using passwd command, it updates the shadow file). Now i wonder how can i write to this file without being a superuser ?? Is it not against the permissions ?? Any pointers ??? ---------------------/ The permissions for /etc/passwd are 644 (owner root read/write, everyone else read-only) and for /etc/shadow, 600 (root read/write, no premission for anyone else) because only /etc/shadow stores hashes, so it doesn't matter that everyone can read /etc/passwd. passwd works for normal users because it's owned by root and has the suid bit set, thus no matter who runs it, it always runs as root. suid root programs have been the source of many security holes on UNIX systems, but since passwd is a very simple program, there's little chance anyone will ever expoit it.
Have a Linux Problem
Linux Books
Linux Home: Linux System Administration Hints and Tips (c) www.gotothings.com All material on this site is Copyright.
|