--On 24 September 2005 13:31 +0100, ed wrote:
What they did was to exploit gzip, I'm fairly certain. I could not apt-get of course and thus left helpless. I no longer have faith in user passwords. I do my best to prevent people using common user names (besides myself who uses 'ed' of course, but with a descent password).
See /usr/ports/security/passwdqc if you'd like to enforce strong passwords.