File permissions [25 points] After discovering a vulnerability in the passwd utility, the Linux developers have decided that it is too dangerous to continue to run the utility as root (through setuid). Unfortunately, there's no Linux capability that lets a process specifically edit /etc/shadow, the file that Linux uses to store password data. Note: This problem incorrectly stated /etc/passwd instead of /etc/shadow when released. UNIX originally stored password data in /etc/passwd but this was later changed to /etc/shadow. The high-level idea of your solution should not change and we'll accept answers assuming password data is stored in /etc/passwd or /etc/shadow. 1. The kernel developers have asked you to devise a new mechanism where the passwd command no longer runs as root, but users can only change their own password and can't change any other users' passwords. Your solution can't change the Linux kernel itself (e.g., introduce a new capability), but the developers have created a new service account passwd that you can use. If you change the ownership, permissions, or setuid bit on any files, you should note the new values in your solution. [10 points] File permissions [25 points] After discovering a vulnerability in the passwd utility, the Linux developers have decided that it is too dangerous to continue to run the utility as root (through setuid). Unfortunately, there's no Linux capability that lets a process specifically edit /etc/shadow, the file that Linux uses to store password data. Note: This problem incorrectly stated /etc/passwd instead of /etc/shadow when released. UNIX originally stored password data in /etc/passwd but this was later changed to /etc/shadow. The high-level idea of your solution should not change and we'll accept answers assuming password data is stored in /etc/passwd or /etc/shadow. 1. The kernel developers have asked you to devise a new mechanism where the passwd command no longer runs as root, but users can only change their own password and can't change any other users' passwords. Your solution can't change the Linux kernel itself (e.g., introduce a new capability), but the developers have created a new service account passwd that you can use. If you change the ownership, permissions, or setuid bit on any files, you should note the new values in your solution. [10 points]