George Bonser <[EMAIL PROTECTED]> writes: > Either the program he is running is suid root (look for a file owned by root > with the s set in the file permissions when you do an ls -l on the file.) Or > you have sudo or some such that is allowing to execute certain programs as > root.
Hmmm... But suid programs don't log like that. And /etc/sudoers only has entries for blp and root, not eric (the user). > Still, it would not hurt to change the root password. Someone could have > guessed that user's password and might be using the account. The root password is a string of random characters, and all the login's on his account have come from his computer, not from any other one. -- Ben Pfaff <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
