14 Mar
2005
14 Mar
'05
19:18
The Sunday 2005-03-13 at 21:06 -0600, Henry Tang wrote:
I think the hack that sends out the email with shadow and passwd listing either has root access or shadow group access. Becuase according to this below it shows that only user of shadow or root can read the file. If the hacker has root, what is the purpose of getting the system config or shadow file via email.. I don't see a reason going through all that trouble. So must be user gdm.
A reason to send an email could be because it was an automated attack. -- Cheers, Carlos