In message <[EMAIL PROTECTED]>, H al Flynn writes: > I tried to get a copy of the trojaned source, but was unsuccessful. > > From what I can gather, there's two likely scenarios involving this > problem. > > Scenario #1: > The trojaned code was placed in a section of the source which was only > executed by the user during the initial ./configure ; make ; make > install sequence. > > ... > > Scenario #2: > The trojaned code was placed in the configure that is executed during the > make install sequence. This would likely result in execution by root, as > the default goes to /usr/local. Obviously, this requires administrative > access for successful installation. > > ...
>From what I can tell, the trojan only ran during the configure phase, but not the make nor the install phases. I can't attach the whole configure script because it exceeds ezmlm's size quota. Cheers, --Dave Chin
