-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Monday 2008-01-21 at 20:41 -0800, Joe Sloan wrote:
David Bolt wrote:
The reason being that if a worm is able to install on the server using root privileges, there's no way to know just what else has been installed by it without performing some form of forensic work on the installation
Why would you assume that a worm got root privileges? In the cases I've
Because David wrote, in the email you quoted: ]> The commands were executed by a root shell and was used to download the ]> loader script, I was thinking, at first glance, the same, that root was compromised. But you are right, it's not always the case. Rather, it should never be the case. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlhhNtTMYHG2NR9URAnZNAJ9Zvkt/ZyhEeQG22LgbVqAF2LuoJACfcoEz fHd7970olNCD1/rteJlBgWE= =u0sc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org