The Unix password file /etc/passwd records all users along with their login passwords and other information. The owner of /etc/passwd is root, and only the root user has permission to write to the file. Yet a UNIX system allows every user to change their own login password (that is, to modify /etc/passwd or /etc/shadow). The principle behind this is as follows.
The first thing to note is that there are 6 or more IDs associated with each process, as shown in Figure 1.
The effective user ID of a process and its supplementary group IDs determine the file access rights of the process. In general, the effective user ID equals the real user ID, and the effective group ID equals the real group ID.
For each file, the detailed properties of the file are stored in a struct stat structure.
A special flag can be set in the file mode word (st_mode) that means "when this file is executed, set the effective user ID of the process to the user ID of the file owner (st_uid)". Similarly, another flag can be set in st_mode that sets the effective group ID of the process executing the file to the group owner ID of the file (st_gid). In the file mode word these two bits are called the set-user-ID bit and the set-group-ID bit.
If the file owner is root and the set-user-ID bit of the file is set, then a process has root privileges while it executes that file, whichever process started it. /bin/passwd is one such set-user-ID program: when an ordinary user runs the passwd command to change a login password, the shell invokes /bin/passwd, and the process running it has root privileges, so it can modify the /etc/passwd file to change the user's login password.