[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] smbpasswd error

Adrin wrote:
> I always thought you had to be root to change the smbpassword.  I know the file
> /etc/passwd is not world write able. Neither is the smbpasswd file on my system.  So
> unless smbpasswd, su to root I don't see how it could write to the file. I also just
> checked changing the smbpassword file didn't change the error message.

   A normal user can change their own (/etc/passwd) password, because /usr/bin/passwd has the SUID bit set and is owned by 'root', that is, it runs as the root user without regard to the actual user starting it.

   smbpassword can NOT be set the same way so any user can run it.  It checks itself and complains if it is.  If you use SWAT, then the swat binary can be SUID root and it can run smbpasswd for any user with access to swat.
Lost in Tokyo,