after using skype several times, it does read the passwd file but not the shadow file. I won't worry about it any more. Jim K
Michael Miller wrote: > I think people are more or less wondering why the client is looking at > anything in the /etc directory. It's not like your password is stored > in the /etc/passwd file (anymore). Any user can look at the > /etc/passwd file, it's not a big deal (IMHO). Unless skype is trying > to harvest usernames to try and send e-mail messages to other users on > your machine. Which is unlikely but possible. I don't really see a > reason why a VoIP client would need to look in /etc/, the only file > system access should be to your home directory IMHO. > > -Miller > > On 8/28/07, Bob Miller <[EMAIL PROTECTED]> wrote: > >> Neil Parker wrote: >> >> >>> No. The closest you can get is probably to run your suspicious software >>> under the control of strace or something similar. This will report all >>> system calls made by the process, including attempts to open files. (I >>> believe this was exactly how skype's suspicious behavior was discovered.) >>> >> What, exactly, is suspicious about reading /etc/passwd? >> /etc/passwd is used to map numeric user IDs to user names. >> It's also used to map user IDs and names to full names. >> >> Does Skype ever display your name or your username? >> >> -- >> Bob Miller K<bob> >> [EMAIL PROTECTED] >> _______________________________________________ >> EUGLUG mailing list >> [email protected] >> http://www.euglug.org/mailman/listinfo/euglug >> >> > _______________________________________________ > EUGLUG mailing list > [email protected] > http://www.euglug.org/mailman/listinfo/euglug > > > _______________________________________________ EUGLUG mailing list [email protected] http://www.euglug.org/mailman/listinfo/euglug
