NCAE Mapping Hub
Overview Scoreboard Data Roles Exercised Checklists Lessons Skill Drills Practice Terminal Progress
short_answer medium Understand setuid-chain 2 points

Question 8. CSCD240-E1-B

Who owns /usr/bin/passwd in the ls -l line? Why does that matter for setuid?

Work the drill

Answer on paper or in a terminal before revealing the ideal answer.

Ideal answer
root. With setuid, the process runs with root's EUID, which is what grants it write access to /etc/shadow.

Misconception bank

Each row below is a plausible wrong answer, the thinking that produces it, and the remedy that corrects the misconception. These are the foundation of the multiple-choice framing and the targeted feedback a student receives after answering.

The invoker
Misconception. Misunderstands setuid direction — it elevates, not matches.
Remedy. Walk through: who runs it? Whose UID do they get? Why does that matter?

Authority mappings

Hover any chip for the mapping justification; click to open the authority record.

DCWF roles: CE-121 Exploitation Analyst
DCWF tasks: T0250
KU outcomes: CO-M10-O1

Course-artifact links

Lectures

  • CSCD240-S26-L05. Permissions part 1: ls -l anatomy, rwx, file types