This is how I understand it. Even though the root passwd is encrypted on the box it is still sent accross the wire in plain text, therefore sniffable.
Maybe you cam to the thread ot of sequence? What I meant was, during an SSH session, the su root password is encrypted across the wire. Pretty much the only places it is plaintext are the keyboard driver and login/pam.
But my point was that if your user password is sniffed from a POP session, then leet can sprinkle your path with trojans, which might sniff your su password and steal it.
Thats all. dproc
Check out the May edition of SysAdmin Magazine, Crypto 101, I cover how to SSL wrap POP/IMAP and related things. www.sysadminmag.com Kurt Seifried SecurityPortal, your focal point for security on the net http://www.securityportal.com/