Notes:
permission on /etc/shadow is: 400
permission on /etc/password : 644
permission on /usr/bin/passwd : 4755 ( suid is set)
Can root change own/others password?
Yes, (Even he is having read permission on shadow, but
of course root can update any file which is on properly mounted partition).
But can a normal user change his password?
Yes, (HOW? he is not having write permission on password and even not having read permission on shadow so how?)
Here's the solution why??
# which passwd
/usr/bin/passwd
# ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 27768 Jan 6 2012 /usr/bin/passwd
Notes:
The permission on command binary /usr/bin/passwd is 4755 mean any user can execute it and suid is set on it mean, it must be executed as root it's does not matter who is executing it, and root have authority to update any file .
But if we look into this scenario then can user keep any password of him and can he change any password Nooo?
Because passwd binary it's itself authenticate via PAM and run accordingly.
=> inode is is data structure in unix/linux file system
Notes:
SUID stands for Set User ID. This means that if the SUID bit is set for any application then your user ID would be set as that of the owner of application/file rather than the current user, while running that application. That means in case I have an application whose owner is ' root ' and it has its SUID bit set, then when I run this application as a normal user, that application would still run as root. Since the SUID bit tells Linux that the User ID root is set for this application and whenever this application executes it must execute as if root was executing it (since root owns this file).
