Checking out my newly installed system, I found in "ss -tulpn" this: Netid State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess ... tcp LISTEN 0 5 [::]:16001 [::]:* users:(("pulseaudio",pid=5819,fd=45)) ... 5819 is the pid for /usr/bin/pulseaudio, which is a networked sound server, but is 16001 the proper port? It's listed in /usr/etc/services as: fmsascon 16001/tcp # Administration Server Connector [Mark_Davidson] (This is one of several ports used by the well known FileMaker.) Moreover: # rpm -Vf /usr/bin/pulseaudio .M....... g /var/lib/pulseaudio It's odd that (1) the mode of this "file" should not match the rpm database, especially considering it's an empty directory. And what does the "g" mean? Also # ls -ld /usr/bin/pulseaudio -rwxr-xr-x 1 root root 92352 Jul 22 14:17 /usr/bin/pulseaudio which means that the process listening on an open port is owned by and running as root, which I'd consider a security vulnerability. Does everyone else have these same? tia. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org