[Plug-security] Once cracked

Nathan England plug-security@lists.PLUG.phoenix.az.us
11 Sep 2001 02:10:58 -0700


--=-skXalesYTrXzDcxE4RcB
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

I think most suse installs add an 'operator' user.  Is there any
databases installed?  Usually the operator goes with a database.  I've
seen it with postgres and oracle..

nathan

On Mon, 2001-09-10 at 18:05, Rusty Carruth wrote:
> >=20
> > operator. still haven't seen anything done by it. if it wasn't a member=
=20
> > of the root group I would just assume something I installed put it=20
>=20
> Oh my mandrake 7.1 system:
> bash-2.04$ egrep operator /etc/passwd
> operator:x:11:0:operator:/root:/bin/false
> bash-2.04$=20
>=20
> So I think you're safe there.  Don't re-install!
>=20
> > there. I've tried using last or su ing to opertor then pulling history=20
>=20
> Did you 'su' or 'su -'???
>=20
> > but so far nothing. It would be nice if I didn't have to wipe my=20
> > computer but at this point I'm thinking better safe than sorry. So if=20
> > anyone knows why operator would be there please let me know.
>=20
> Somebody somewhere thought operator needed to be in the user groups...
>=20
> rc
> _______________________________________________
> Plug-security mailing list  -  Plug-security@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-security
--=20
 "Ah, lives there a man with soul so dead, who never to himself hath
said,=20
as he hunched and rolled in his comfortable bed:
To hell with rent...I'll drink instead!"



--=-skXalesYTrXzDcxE4RcB
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQA7ndUi8roUgVY5MsERAjXqAKCZjPtR/mji72Ub09xoHRm15m69iQCfQCaL
XyhSv4eVL3zPacT3/DwDPUU=
=wxPP
-----END PGP SIGNATURE-----

--=-skXalesYTrXzDcxE4RcB--