-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-01-22 at 16:23 -0500, James Knott wrote:
Because David wrote, in the email you quoted:
] > The commands were executed by a root shell and was used to download the ]> loader script,
I was thinking, at first glance, the same, that root was compromised. But you are right, it's not always the case. Rather, it should never be the case.
Again, why the root shell? Why wasn't that person using a user ID? In order to run a root shell, someone has to start a root shell. They don't just happen. There's a reason why root shouldn't be used, when not needed.
Because, being a malware, bad things can happen. The malware designer could know of a hole that allowed it to escalate to root somehow. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHlnWAtTMYHG2NR9URAgOLAJ9q1se8mASJNfq4Fws4UfgpMTebugCfRUVb VRZMrSjg2h7Utye2788/EWU= =8qd6 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org