On Mon, 27 Mai 2002, you (Felix Seeger) wrote: > Does make install also use the script ? > > If the atacker has normal user access than this is bad, but not a real > problem.
Well, if the machine holding the compromised user-account is also vulnerable (or has been within that time) to local root exploits, it may have been root-compromised thus causing "a real problem". If you can make sure that the machine hasn't been vulnerable inbetween, you're probably on the safe side, but you'll never know for sure. Or did I get anything wrong? Regards, Jan «octane» Jungnickel -- :: iCommunications Bremen - Perl, PHP :: :: Internetworking and UNIX Solutions :: :: Delmestrasse 25 || DE-28199 Bremen :: :: Phone: +49-421-988702-1 || Fax: -2 ::
msg00320/pgp00000.pgp
Description: PGP signature
