On 3/13/06, Aaron S. Joyner <[EMAIL PROTECTED]> wrote: > Note that this is the first user created during the install, in a > non-expert install. That user is granted sudo privs, so having that > user's password is just as bad as having root, presuming it hasn't been > changed since install (which in the case of your average grandma, it > most likely hasn't). Note, I haven't researched this thoroughly nor > have I ever installed Ubuntu, this is just what I gleaned from some > security mailing list traffic I was reading earlier today. Take with a > grain of salt and do your own research if you're in the unfortunate > position of running Ubuntu at the moment.
>From what I've read, this only seems to affect Ubuntu Breezy and not previous or later releases. It would also affect Dapper installations that have upgraded from Breezy. Upgrading the passwd package (which should be in the normal updates, I assume) will fix the problem. (All of which was mentioned in the link Dan posted.) Cheers, Tanner -- Tanner Lovelace clubjuggler at gmail dot com http://wtl.wayfarer.org/ (fieldless) In fess two roundels in pale, a billet fesswise and an increscent, all sable. -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
