On Thu, 23 Dec 1999, Justin Cormack wrote:
> I have recently upgraded some machines to RH 6.1 and have noticed an
> alarming tendency for dialog boxes to appear saying please type the
> root password.
> This really is not acceptable. Any old trojan horse program can do this
> and get the password. It may be designed to make things easier for
> new users, but they need to understand about su/logging in as root.
If there is a trojan in your path you've been compromised already. You
would need to be breached to get the trojan in your path in the first
place. Even if you didn't, blocking a single way for a malicious program
to burn you doesn't stop the other n ways. The value of n is very
large...
M.
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
