I was checking the /etc/passwd file to confirm that my user account isn't root, which it isn't. However, I noticed that I can open it in a text editor like Kate and make changes without any restrictions, even though Google's chatbot suggested that this file shouldn't be editable without proper permissions. The file is owned by root, so I'm confused about this. Can anyone clarify if it's normal for this file to be editable and if I should take additional steps to secure it? I'm using Arch Linux with KDE, so I'm wondering if there might be other misconfigurations as well.
2 Answers
Yeah, it’s typical for the /etc/passwd file to have 644 permissions, which means it’s readable by everyone. So, you can view it, but only the root user can make changes. Just keep in mind, it doesn't actually store passwords—those are in /etc/shadow, which is much stricter on access rights. Editing /etc/passwd isn't really something you should do unless absolutely necessary.
You're correct! The /etc/passwd file is readable for everyone, which is why you can open it. But it’s only writable by the root user. If you're able to add text and save it, it might be worth double-checking your permissions or user settings. Are you getting any warnings when trying to save changes?

Yeah, I do get a prompt asking if I want to save or discard changes when I close the editor. That’s what worried me—in case I was unintentionally doing something wrong.