Re: `su to root' entry in syslog
George Bonser <grep@oriole.sbay.org> writes:
> Either the program he is running is suid root (look for a file owned by root
> with the s set in the file permissions when you do an ls -l on the file.) Or
> you have sudo or some such that is allowing to execute certain programs as root.
Hmmm... But suid programs don't log like that. And /etc/sudoers only
has entries for blp and root, not eric (the user).
> Still, it would not hurt to change the root password. Someone could have
> guessed that user's password and might be using the account.
The root password is a string of random characters, and all the
login's on his account have come from his computer, not from any other
one.
--
Ben Pfaff <pfaffben@pilot.msu.edu> <blp@gnu.org> <pfaffben@debian.org>
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: