Why are passwords in /etc?
This may be a silly question:
Why is /etc/shadow in /etc?
Generally, applications and static data go in /usr. You could mount
/usr read-only save when installing apps, and none of the core Debian
applications would break.
Similarly, system-wide configuration data goes in /etc. You could
mount /etc read-only, save when reconfiguring the system. bind, dhcpd,
exim, etc would still work, as they drop data in /var. They only
reference /etc for their initial configuration data.
Everything would seem to work with the base apps if /etc were
read-only, except that you couldn't change users' passwords.
Given that passwords are dynamic data, why are they still squirreled
away in /etc? Wouldn't it be more intuitive to have /etc/shadow be
/var/shadow?
Reply to: