Ed Hoeffner wrote: > Can you tell if the su file (/bin ?) has been changed? Years ago (I imagine > people are too advanced for this now) a hacker would move login, replacing > it with a script that did nothing more than look like login, trapping the > password and doing something nefarious with it, show a login failure, and > then call the real login to allow things to run normally. > > Probably has nothing to do with these days and times, but I thought I'd toss > it out anyway. Good idea. I checked and the md5sum of /bin/su matches agains a box that's behaving correctly. -Erik _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota http://www.mn-linux.org tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list