Refer to the Exhibit.
[root@server1 ~ # 1s -1 /usr/bin/passwd
-r-x—x—x 1 root root 21200 oct 7 21:01 /usr/bin/passwd
[root@server1 ~] # 1s -1 /etc/shadow
-r – – – – – – – – 1 root root 1818 Mar 7 10:31 /etc/shadow]
[root@server1 ~]#
A user smith is on your system complained that he is not able to change his password. As the
administrator, you long-listed the passwd command and the /etc/shadow file.
View the Exhibit that shows the output.
What must you do to enable this user to change his password?
A.
Set SGID on /usr/bin/passwd.
B.
Set SUID on /usr/bin/passwd.
C.
Set sticky bit on /usr/bin/passwd.
D.
Set read and write permission for others on /etc/shadow.
E.
Set permission on /etc/shadow to 600.
Explanation:
Set rw permission for other to /etc/shadow? What?
And everybody can owverwrite others (inlcuding root) encrypted password?????
And everybady can steal encrypted passwords for brute force breaking????
Absolutely bad answer!
Of course B is is the good answer.
I agree, B should be the answer.
B
The answer is B
============
setuid means set user ID upon execution. If setuid bit turned on a file, user executing that executable file gets the permissions of the individual or group that owns the file. You need to use the ls -l or find command to see setuid programs. All setuid programs displays S or s in the permission bit (owner-execute) of the ls command. Type the following command:
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 42856 2015-12-01 14:16 /usr/bin/passwd