In one of our recent articles, we learned the file format of the /etc/passwd file, which stores a one-line entry for each user that can access the system. Since one of the fields in each line of /etc/passwd denotes whether the password for that user is stored in the /etc/shadow file or not, it can easily be deduced that the actual passwords (in encrypted form, of course) are stored in the /etc/shadow file. This article will help you learn about the /etc/shadow file format in more detail.
/etc/shadow File Permission
To begin with, let us observe and compare the file permissions on both files:
MyLinuxBox root ~ > ll /etc/passwd
-rw-r--r--. 1 root root 1725 Jul 31 23:02 /etc/passwd
MyLinuxBox root ~ > ll /etc/shadow
-rw-------. 1 root root 1187 Jul 16 09:10 /etc/shadow
/etc/passwd is world readable, and /etc/shadow can only be read by the root user. This is because, had the passwords been stored in the /etc/passwd file, even in encrypted format, anyone could see, decrypt and use them pretty easily. Thus, passwords are actually stored in the /etc/shadow file, which can only be accessed by root or the superuser and is not open to the entire world, as there is a huge risk involved in that.
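
A check that follows from the listing above, added here as an example and not part of the original article: it flags any permission bits beyond the modes shown (644 for /etc/passwd, 600 for /etc/shadow) and any owner other than root. The function names are hypothetical, and the script assumes GNU `stat` as shipped on Linux.

```shell
#!/bin/sh
# Added example: compare account-file permissions against a baseline.
# Baselines are taken from the listing above (644 and 600, owner root).
# Assumption: GNU coreutils stat, which supports the -c format option.

# excess_bits FILE MAX_MODE
# Prints, in octal, the permission bits FILE has that MAX_MODE does not
# allow. Prints "0" when the file is within the baseline.
excess_bits() {
    mode=$(stat -c '%a' "$1") || return 2
    # A leading 0 makes the shell read both values as octal constants.
    printf '%o\n' $(( 0$mode & ~0$2 & 07777 ))
}

# check_file FILE MAX_MODE EXPECTED_OWNER
# Returns 0 when FILE is owned by EXPECTED_OWNER and has no excess bits,
# 1 on a finding, 2 when the file cannot be examined.
check_file() {
    owner=$(stat -c '%U' "$1") || { echo "MISSING $1"; return 2; }
    extra=$(excess_bits "$1" "$2") || return 2
    if [ "$owner" != "$3" ]; then
        echo "FAIL $1: owner is $owner, expected $3"
        return 1
    fi
    if [ "$extra" != "0" ]; then
        echo "FAIL $1: permission bits $extra exceed baseline $2"
        return 1
    fi
    echo "OK   $1"
}

# audit_account_files
# Checks both files and returns non-zero if either one has a finding.
audit_account_files() {
    rc=0
    check_file /etc/passwd 644 root || rc=1
    check_file /etc/shadow 600 root || rc=1
    return $rc
}
```

`stat` reads only the file's metadata, so `audit_account_files` can run as an unprivileged user even though that user cannot read /etc/shadow itself.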