posted 13 years ago
Linux comes from Unix and Unix grew up in college computer labs, which means that it very quickly learned to protect itself from student pranks, hackers, and less admirable things.
Every file and directory in the Linux filesystem has a filesystem mask that indicates the permission to read, write, or execute (in the case of directories, to access). These 3 bits are themselves grouped into 3 categories: owner, group, and other.
/etc/shadow has by default the following mask: 400, which means that only the owner (root) can read it, and no else can do anything with it. So it's set up properly right out of the box.
/etc/shadow was, in fact created because people were reading /etc/passwd to get stuff like the list of valid userids, and they didn't want the really critical info to be in that file. So if a password is "x", the actual password is in /etc/shadow.
Ironically, this simple system is a lot less powerful than the ACL system that Windows NT and later versions support, but since security isn't something that can be slapped on top of an insecure system, Windows is infamous for security problems and Unix and Linux are not.
However, the 3-bits system is pretty crude, so more recently the selinux system was developed to allow more precise control of access. That, however, is a topic worthy of an entire book.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
