Hey Russel and Group,
Thanks for the continuing discussion.
> Nobody suing to root is not non-threatening! Ideally you would have a group
> wheel or root required for su to root to prevent this. Currently I haven't as
> I haven't got the PAM setup for it going yet.
PAM is acronym for 'password authentication mode' ?
I know that BSD uses a wheel group that needs to be enacted before a su
can happen. What means are you considering doing this?
Also, would something be running from cron that does this every morning at
6:23 AM? Anyone know how I can investigate furthur?