> I logged into a machine named athlon (which runs Mandrake 8.2) remotely
> and tried using su:
>
> [newren@athlon ~]$ su
> Password:
> Segmentation fault (core dumped)

-- SNIP --

Call me paranoid, but the first thing I always do in a case like this is
run 'rpm -V' on the package that owns the file..

-< haze@big >-
-< ~ >-$ which su
/bin/su
-< haze@big >-
-< ~ >-$ rpm -qf /bin/su
sh-utils-2.0-12mdk
-< haze@big >-
-< ~ >-$ rpm -V sh-utils
-< haze@big >-
-< ~ >-$

.. in which case, everything appears okay.  If you actually get a response
back, especially regarding /bin/su, then you may have stumbled across the
problem.

The reason for all this?  It might be a trojan program, collecting your
password to make a hacker's job easier.  Rather than actually doing the
su, it just pretends to core dump.. or it does core dump, because it can't
do the su.. who knows.  That's beside the point.

(Now, a good hacker would of course replace rpm, so that it would never
say that there is a problem with a file and/or package.)

.. or, it could just be a library problem. =)


Don Head
SAIR LCA, CIW-P, Linux+, i-Net+, Network+, A+

Systems Administrator        [ [EMAIL PROTECTED] ]
Web Designer                              [ 1 314 650-4056 ]
[ AIM - iamhAZEcx ] [ ICQ - 18804935 ] [ Yahoo - iamhazecx ]
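
An added example, not part of the original message: when `rpm -V` does print something, this sketch decodes the attribute flags for one path, so a changed digest on /bin/su can be told apart from a touched timestamp. The function names and the sample lines are constructed for illustration; it assumes paths without spaces and that the rpm binary and its database are themselves trustworthy.

```shell
#!/bin/sh
# Added example: decode `rpm -V` output for a single file.
# stdin: rpm -V lines; $1: path to look up.
# Prints "unchanged", "missing", or a comma-separated list of changed attributes.
rpmv_report() {
    awk -v want="$1" '
    BEGIN {
        # Flag letters used in the first column of rpm -V output.
        name["S"]="size";   name["M"]="mode";    name["5"]="digest"
        name["D"]="device"; name["L"]="symlink"; name["U"]="owner"
        name["G"]="group";  name["T"]="mtime";   name["P"]="capabilities"
        result = "unchanged"          # no line for the path means it verified
    }
    $NF == want {                     # last field is the path (no spaces assumed)
        if ($1 == "missing") { result = "missing"; next }
        out = ""
        for (i = 1; i <= length($1); i++) {
            c = substr($1, i, 1)      # "." means that attribute verified fine
            if (c in name) out = out (out == "" ? "" : ",") name[c]
        }
        if (out != "") result = out
    }
    END { print result }'
}

# Exit 0 when the file content no longer matches the RPM database
# (digest mismatch or file missing); a changed mtime alone does not count.
rpmv_content_changed() {
    case ",$(rpmv_report "$1")," in
        *,digest,*|*,missing,*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample output (not from a real host).
SAMPLE='S.5....T   /bin/su
.......T c /etc/example.conf
missing    /usr/share/doc/example/README'

printf '%s\n' "$SAMPLE" | rpmv_report /bin/su

# On a live system:
#   rpm -V "$(rpm -qf /bin/su)" | rpmv_report /bin/su
```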

