ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 37140 2010-01-26 12:09 /usr/bin/passwd
so we need to remove the suid for that command as follows :- chmod u-s /usr/bin/passwd
now normal users won't be able to change their own passwords - and only the root user will be able to do it for them.
No comments:
Post a Comment