Well, take a good look too, as I was wrong about the three files I specifically
mentioned.
I'd still recommend tripwire (free version available at www.tripwire.com) to check for
changes on important files.
Russ
Andrew Vogel wrote:
> On Mon, 24 Apr 2000 08:08:42 -0700, you wrote:
>
> >Ron, re-read the message. It specifically says that file the shouldn't be suid
> >have been changed to suid since the last scan.
> >
> >For instance, mount, su, and umount should never be suid. They aren't installed
> >that way, so "something" had to change them.
> >
> >Even if it wasn't a hack job, there are many security holes here. I wouldn't want
> >to have that system anywhere near a public network until it's fixed.
> >
> Imagine how I'm feeling!
>
> I'm going to do a complete reinstall of the system when I get a bit of free
> time...
>
> The folks in this group have been TREMENDOUSLY valuable through this
> process; thanks!
>
> ---
> ===========================================================================
> Andrew Vogel: Program Manager at the University of Cincinnati College of
> Pharmacy. http://pharmacy.uc.edu/default.html (513)-558-3784
> ===========================================================================
