On most systems, the /usr/bin/passwd command has the following SUID permission:
-r-s--x--x 1 root root 19348 Jan 12 2008 /usr/bin/passwd
The numerical value of the file permission translates to 4411. Whenever a SUID file is executed, the process that runs it is granted access to system resources based on the user who owns the file, not the user who created the process.
So we need to remove the SUID bit from that command, so that normal users are denied the privilege of updating the file. To do so, use either of the following commands:
chmod u-s /usr/bin/passwd
- OR
chmod 511 /usr/bin/passwd
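
The two commands above are not equivalent in general: chmod u-s clears only the SUID bit, while chmod 511 overwrites every permission bit. The following added example (not part of the original page) shows the difference on a scratch file and verifies the result. The 4755 starting mode, the temporary paths and the function names are constructed for illustration, and stat -c assumes GNU coreutils.

```shell
#!/usr/bin/env bash
# Added example: nothing here touches /usr/bin/passwd.
# All files are scratch files created under a temporary directory.

# Print the octal mode of a file (assumption: GNU stat).
mode_of() { stat -c '%a' "$1"; }

# Succeed only if the SUID bit is set on the file.
has_suid() { [ -u "$1" ]; }

# Create a scratch file with mode $1, apply chmod argument $2,
# print the resulting octal mode, then clean up.
mode_after() {
    local start="$1" change="$2" dir f result
    dir=$(mktemp -d) || return 1
    f="$dir/fake-passwd"            # constructed stand-in file
    : > "$f"
    chmod "$start" "$f"
    chmod "$change" "$f"
    result=$(mode_of "$f")
    rm -rf "$dir"
    printf '%s\n' "$result"
}

# Clear SUID with the symbolic form and confirm the bit is really gone.
# Returns non-zero if the bit is still set afterwards.
clear_suid_checked() {
    local f="$1"
    chmod u-s "$f" || return 1
    ! has_suid "$f"
}

# List regular files under a directory that still carry the SUID bit,
# useful for checking the change after the fact.
list_suid() { find "$1" -xdev -type f -perm -4000 2>/dev/null; }

# Demo: the same starting mode ends up different depending on the command.
echo "4755 after 'chmod u-s': $(mode_after 4755 u-s)"   # only SUID removed
echo "4755 after 'chmod 511': $(mode_after 4755 511)"   # all bits replaced
```

Use the symbolic form when the goal is only to drop SUID and the remaining permission bits should stay as the distribution shipped them.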