Jim K wrote:
> I saw slashdot had a note that skype accesses the /etc/passwd file.
> Because I have used skype occasionally I am somewhat concerned. As a
> quick and dirty script would this detect such access:
> ls -l --time=atime shadow >>somelogfile
> ls -l --time=atime passwd >>somelogfile
> ls -l --time=ctime shadow >>somelogfile
> ls -l --time=ctime passwd >>somelogfile
Yes it will do what you want. Even better, use the stat command,
which prints all three timestamps together.
$ stat /etc/passwd /etc/shadow
File: `/etc/passwd'
Size: 1687 Blocks: 8 IO Block: 4096 regular file
Device: fe09h/65033d Inode: 31852572 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2007-08-27 20:19:09.000000000 -0700
Modify: 2007-06-20 07:52:34.000000000 -0700
Change: 2007-06-20 07:52:34.000000000 -0700
File: `/etc/shadow'
Size: 1070 Blocks: 8 IO Block: 4096 regular file
Device: fe09h/65033d Inode: 31852515 Links: 1
Access: (0640/-rw-r-----) Uid: ( 0/ root) Gid: ( 42/ shadow)
Access: 2007-08-27 20:17:01.000000000 -0700
Modify: 2007-06-20 07:52:34.000000000 -0700
Change: 2007-06-20 07:52:34.000000000 -0700
--
Bob Miller K<bob>
[EMAIL PROTECTED]
_______________________________________________
EUGLUG mailing list
euglug@euglug.org
http://www.euglug.org/mailman/listinfo/euglug
