Re: `su to root' entry in syslog
George Bonser <firstname.lastname@example.org> writes:
> Either the program he is running is suid root (look for a file owned by root
> with the s set in the file permissions when you do an ls -l on the file.) Or
> you have sudo or some such that is allowing to execute certain programs as root.
Hmmm... But suid programs don't log like that. And /etc/sudoers only
has entries for blp and root, not eric (the user).
> Still, it would not hurt to change the root password. Someone could have
> guessed that user's password and might be using the account.
The root password is a string of random characters, and all the
login's on his account have come from his computer, not from any other
Ben Pfaff <email@example.com> <firstname.lastname@example.org> <email@example.com>
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .