I think people are more or less wondering why the client is looking at anything in the /etc directory. It's not like your password is stored in the /etc/passwd file (anymore). Any user can look at the /etc/passwd file, it's not a big deal (IMHO). Unless skype is trying to harvest usernames to try and send e-mail messages to other users on your machine. Which is unlikely but possible. I don't really see a reason why a VoIP client would need to look in /etc/, the only file system access should be to your home directory IMHO.
-Miller On 8/28/07, Bob Miller <[EMAIL PROTECTED]> wrote: > Neil Parker wrote: > > > No. The closest you can get is probably to run your suspicious software > > under the control of strace or something similar. This will report all > > system calls made by the process, including attempts to open files. (I > > believe this was exactly how skype's suspicious behavior was discovered.) > > What, exactly, is suspicious about reading /etc/passwd? > /etc/passwd is used to map numeric user IDs to user names. > It's also used to map user IDs and names to full names. > > Does Skype ever display your name or your username? > > -- > Bob Miller K<bob> > [EMAIL PROTECTED] > _______________________________________________ > EUGLUG mailing list > euglug@euglug.org > http://www.euglug.org/mailman/listinfo/euglug > _______________________________________________ EUGLUG mailing list euglug@euglug.org http://www.euglug.org/mailman/listinfo/euglug
