Hacker News new | past | comments | ask | show | jobs | submit login

Only root can do that.



I'm not sure why that would matter, but that's not true. No sudo needed to look up that I set my password on this VM on 2013-10-08.


That was a direct copy'n'paste from a session on centos7.

Password age is kept in /etc/shadow, not /etc/passwd.

So the passwd command is (needs to be) setuid.

Redhat generally limits what setuid programs can do.

Probably sensible.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: