dear fellow admins, dear marc, i installed some suse 6.3 "sec" packages, among others marc's /usr/lib/secchk scripts and john (weak passwd checker). last evening, john used cpu ressources i needed myself, so i tried to kill him, assuming he would listen to my wishes ;-). well, he didn't, but instead started to fork himself over and over again, exiting the father as soon as the child became functional. i consider this a normal hacker/cracker programming technic in order to avoid being killable by just one pid. but i don't consider this a normal behaviour for any program meant to be used for normal system management by an authorized admin. maybe i'm wrong (didn't check the sources), but if so, this is still a serious bug. SECOND. i had to shutdown to stop john from eating up all ressources. now after reboot, most applications (i.e. "ls", "su", "xterm", "xtelnet", "xlogin" ...) refuse to work from a normal user account. "xterm" for example establishes the connection with the X server and then crashes with a bus error. "ls" and "su" immediately crash with a bus error. but all of these work perfectly when running as root, so i guess the security checking scripts damaged some file access rights because they have been stopped before their normal termination. can anyone (marc!?) tell me which files may be corrupted in what way to produce such an effect? i already executed the scripts again, but nothing changed. regards, michael balzer -- b&b computersysteme * kämperheide 10 * 58285 gevelsberg * germany fon +49 2333 913924 * fax +49 2333 913925 * http://www.bbcomp.de