Hello, Jeremy.

You wrote at 25.04.2003, :

JCR> On Fri, 25 Apr 2003, Daniel Eggert wrote:

>> Then onto the more interesting question: How could this happen? Someone
>> must have gained root privileges, or am I mistaken?
>>
>> Should I conclude, that something / someone comprimised my security?

JCR> I just assumed that someone updated your system from 1.6 to 1.6.1

Someone??? lol I think, that each setuid file(especcially scripts)
should è checked carefully, use some tools, like tripwire and check
for @updates@. So I think, that you need to update your system
completely from good source(CD-ROM). Because many exploits are made
through SUID programmes.

JCR> These various commands that are setuid (or setgid) appear to be normal.

JCR> But if you don't know of any update, then I don't know.

JCR>    Jeremy C. Reed
JCR>    http://bsd.reedmedia.net/



-- 
Best regards,
 CEBKA                          mailto:CEBKA@smtp.ru