Linux Basics

You are currently auditing this course.
98 / 107

Permissions of Processes - setuid

In Unix, there is a file /etc/shadow that contains (one-way)encrypted passwords of every user. The user can not see the contents of the file. This is to defend the password cracking programs.

To change the password, the user needs to use the command: passwd. This passwd command first asks you for your old password and encrypts your input and compares it against the value in the file /etc/shadow. If it matches then it updates the password file /etc/shadow with new content.

When you are not allowed to view the /etc/shadow file, how can a program (passwd) do the same when run by you?

This is where the idea of special permission called setuid came into picture. A program file can be given setuid permission such that the program becomes the user who owns the program file instead of the user who is running it.


No hints are availble for this assesment

Answer is not availble for this assesment

Loading comments...