Jim Thompson said: | I'd bet that it doesn't mount the floppy (or CD) nosuid, so the | cracker can simply make-up a floppy with a filesystem containing | a passwordless version of 'su'. | | but I'm just guessing. | | Jim That's it. I tested it and it works..... Create a Suid shell and mount it on the filesystem. A temporary fix is to disable the automountd. Good call, Jim. -Brian -- ---------------------------------------------------------------------------- Brian S. Garrett | Excellence can be attained if you... ADP Security | Care more than others think is wise... Naval Research Laboratory | Risk more than others think is safe... Washington, DC | Dream more than others think is practical... Brian.Garrett@nrl.navy.mil | Expect more than others think is possible. ----------------------------------------------------------------------------