Re: `su to root' entry in syslog

To: George Bonser <grep@shorelink.com>
Cc: pfaffben@pilot.msu.edu, debian-user@lists.debian.org
Subject: Re: `su to root' entry in syslog
From: Ben Pfaff <pfaffben@pilot.msu.edu>
Date: 15 Nov 1997 16:50:05 -0500
Message-id: <8767ptu8s2.fsf@pfaffben.user.msu.edu>
Reply-to: pfaffben@pilot.msu.edu
In-reply-to: George Bonser's message of Sat, 15 Nov 1997 13:29:02 -0800 (PST)
References: <XFMail.971115132902.grep@oriole.sbay.org>

George Bonser <grep@oriole.sbay.org> writes:
> Either the program he is running is suid root (look for a file owned by root
> with the s set in the file permissions when you do an ls -l on the file.) Or
> you have sudo or some such that is allowing to execute certain programs as root.

Hmmm... But suid programs don't log like that.  And /etc/sudoers only
has entries for blp and root, not eric (the user).

> Still, it would not hurt to change the root password.  Someone could have
> guessed that user's password and might be using the account.

The root password is a string of random characters, and all the
login's on his account have come from his computer, not from any other
one.
-- 
Ben Pfaff <pfaffben@pilot.msu.edu> <blp@gnu.org> <pfaffben@debian.org>


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: `su to root' entry in syslog
  - From: George Bonser <grep@oriole.sbay.org>

References:
- RE: `su to root' entry in syslog
  - From: George Bonser <grep@oriole.sbay.org>

Prev by Date: RE: `su to root' entry in syslog
Next by Date: weird printing problem
Previous by thread: RE: `su to root' entry in syslog
Next by thread: Re: `su to root' entry in syslog
Index(es):
- Date
- Thread