[Plug-security] Once cracked
Rusty Carruth
plug-security@lists.PLUG.phoenix.az.us
Mon, 10 Sep 2001 18:05:44 -0700 (MST)
>
> operator. still haven't seen anything done by it. if it wasn't a member
> of the root group I would just assume something I installed put it
Oh my mandrake 7.1 system:
bash-2.04$ egrep operator /etc/passwd
operator:x:11:0:operator:/root:/bin/false
bash-2.04$
So I think you're safe there. Don't re-install!
> there. I've tried using last or su ing to opertor then pulling history
Did you 'su' or 'su -'???
> but so far nothing. It would be nice if I didn't have to wipe my
> computer but at this point I'm thinking better safe than sorry. So if
> anyone knows why operator would be there please let me know.
Somebody somewhere thought operator needed to be in the user groups...
rc