On Tuesday 04 January 2005 05:58 pm, Neil McGovern wrote: > Recently, I did have a box rooted. This was due to a user running phpbb > on the system, without me knowing, despite the policy of no software > without clearance from me. My I ask, how did the attacker get root? Did the user have root access that was used to install phpbb, or was a local exploit used once the user's account was compromised? Josh