Hey, it is somehow offtopic but, i may be onto something here that can help everyone....
As per top, mysqld show user=sshd ... obviously the mysql executable is uid=root and as per ps aux, safe_mysqld is uid=root and mysqld (spawned by safe_mysqld) shows as uid=root.... Now, what worries me is that top is showing mysqld uid=sshd, it looks pretty ugly to me. Does anyone know of any exploit regarding ssh+mysql? Mysql is not too important a service for me though, thats why im not too saavy in it. If you guys could check for similar behaviour in your boxes id be indebted (its a manner of speech! ;) -- Alex <[EMAIL PROTECTED]> Step One Group
