LinuxSA Mailing list archives

Index: [thread] [date] [subject] [author] [stats]

  From: Barney Wrightson <Barney.Wrightson@dsto.defence.gov.au>
  To  : Ryan Verner <xfesty@computeraddictions.com.au>
  Date: Wed, 02 Jul 2003 15:38:30 +0930

Re: Wierd /usr/bin/passwd on RH7.3

Ryan Verner wrote:

>The system's configured for yp stuff, wondering if this has anything to do with it; although it 
>doesn't make sense to me why the passwd binary would be modified.
>
>R
>  
>
I would suspect that either <non paranoid> someone has screwed up a 
redirection while root and accidentally overwritten passwd, </non 
paranoid> <paranoid> or someone has deliberately replaced passwd, eg. a 
cracker and the file donga was meant to do something nasty, but didn't 
get uploaded </paranoid>

I would think any legitimate reason for replacing passwd would be better 
achieved in a way that didn't just wack the existing binary.

Barney

-- 
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.freenode.net
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject

Index: [thread] [date] [subject] [author] [stats]

Return to the LinuxSA Mailing List Information Page