EXPLANATION
/etc/passwd file stores essential information, which
required during login. In other words, it stores user account
information. The /etc/passwd is a plain text file. It contains a list of
the system’s accounts, giving for each account some useful information
like user ID, group ID, home directory, shell, and more. The /etc/passwd
file should have general read permission as many command utilities use
it to map user IDs to user names. However, write access to the
/etc/passwd must only limit for the superuser/root account.
The /etc/passwd File. /etc/passwd is a text file that contains the attributes of (i.e., basic information about) each user or account on a computer running Linux or another Unix-like operating system. Each line in /etc/passwd represents a single user.
"Name
passwd - password file
Description
The
/etc/passwd file is a text file that describes user login accounts for
the system. It should have read permission allowed for all users (many
utilities, like ls(1) use it to map user IDs to usernames), but write
access only for the superuser."
The /etc/shadow file, which
stores hashed passwords, can only be read by owner root, (and maybe
members of group shadow, in some distributions):
$ ls -lL /etc/shadow
-rw-r----- 1 root shadow 1266 Dec 19 2017 /etc/shadow
The
"passwd" utility allows non-privileged users to run the utility with an
effective ID of the file's owner, in this case root. This means that
non-privileged users can read and update the /etc/shadow file, via the
"passwd" binary, when they change passwords.
ls -l $(which passwd)
-rwsr-xr-x 1 root shadow 51200 Sep 27 2013 /usr/bin/passwd
^
## ^
## "s" is the setuid bit.
The setuid bit allows non-privileged users to run /usr/bin/passwd as the file's owner, root.
Note
that in modern versions of Linux and Unix, the password file,
/etc/passwd, does not contain passwords. Rather, the second field of
each line will have an "x", indicating that a hashed password is stored
in /etc/shadow
SOURCE
https://linux.die.net/man/5/passwd
