Why do many Linux files have others=read access?

Solution 1:

Because many programs might need access to those files. As an example, whenever you do an 'ls -l', the system will look up /etc/passwd to translate between numerical uid and the username. This wouldn't work if the user didn't have any rights to read that file.

Even more important, if you took away the read rights for every file, you couldn't even log in anymore, because you would not be allowed to read the shell binary.

Solution 2:

Why not leave system files readable?

  • Obscurity is not security

    Your system should be just as secure even if people know how it works. If you're relying on details being kept secret to keep your system secure it's just a matter of time before it's broken.

  • How will you work?

    It is generally accepted that you should use the root account as little as possible. If you have to use the root account for the most basic of tasks you'll end up just using it all the time.

  • System functionality

    In many cases the system can't function if certain important conf files can't be read by non-root users, as others have illustrated with the /etc/passwd example.

Can I do chmod o=- -R / ?

Not if you want to actually be able to log in and use the system. Nothing's perfect, but for the most part most distributions have relatively sensible default permissions in most cases. Some of these may need to be changed depending on your circumstances, but it should be discussed on a file-by-file basis, where the effects of changing the file permissions are known.
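
A file-by-file review of the kind described above, as an added example that is not part of the original answers: the shell functions list files whose others-read bit is set and flag named sensitive files that carry it. The scratch tree, its file contents and the function names are constructed for illustration; nothing touches the real system.

```shell
#!/bin/sh
# Added example: review "others" read access file by file instead of
# stripping it recursively. Works on a scratch tree built below.

# List regular files under $1 that have the others-read bit set.
other_readable() {
    find "$1" -type f -perm -o=r | sort
}

# Print each sensitive file (paths in $2..., relative to root $1) that is
# readable by others. Prints nothing when all of them are protected.
exposed_sensitive() {
    root=$1; shift
    for rel in "$@"; do
        f="$root/$rel"
        # -perm -o=r matches only when the others-read bit is set
        [ -f "$f" ] && find "$f" -perm -o=r
    done
    return 0
}

# Build a constructed sample tree that mimics three well-known files.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/etc" "$t/bin"
    echo 'alice:x:1000:1000::/home/alice:/bin/sh' > "$t/etc/passwd"
    echo 'alice:!:19000::::::' > "$t/etc/shadow"
    printf '#!/bin/sh\n' > "$t/bin/sh"
    chmod 644 "$t/etc/passwd"   # read by ls -l for uid -> name lookups
    chmod 640 "$t/etc/shadow"   # password hashes: no access for others
    chmod 755 "$t/bin/sh"       # login shell must be usable by every user
    echo "$t"
}

if [ "${1:-}" = "demo" ]; then
    tree=$(make_sample_tree)
    echo "others-readable files:";  other_readable "$tree"
    echo "exposed sensitive files:"; exposed_sensitive "$tree" etc/shadow
    rm -rf "$tree"
fi
```

Run it with the argument `demo` to see the report for the scratch tree; to review a real host, call `exposed_sensitive / etc/shadow` with your own list of sensitive paths.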