Account database

The account database consists of the files (listed with the appropriate access permissions) described in this section.

File: Owner: Group: Permissions:
/etc/passwd root root rw- r-- r--
/etc/group root root rw- r-- r--
/etc/shadow root root rw- --- ---
/etc/.pwlock root root rw- r-- r--

Note that anyone can read /etc/passwd. This lets standard utilities find information about users. The hashed password isn't stored in this file; it's stored in /etc/shadow, which only root has permission to read. This helps prevent attempts to decrypt the passwords.

Note: To protect the security of your user community, make sure you don't change these permissions.