> minicom has a known, but not very well-known hole in it that is nearly > identical to the wu-ftp hole. If you are a legitimate user of a pre 1.71 > version of minicom, you can get root, What is minicom doing as root? It should be setgid dialout. Is Slackware really doing that? > There also apepars to be a bug in syslog. If you do something like: > > grep -v "ROOT" messages > mmm; mv mmm messages This isn't a security hole since users shouldn't be able to write to /var/log/messages. > Logging is disabled, I suspect this problem is that the file pointer > maintained by syslog is getting ahead of the physical EOF, and thus > writes will fail, but this is just a guess, and I havent looked at the > source to linux's syslog. When you move something on top of messages, messages is unlinked. The file is still open, but no longer accessible through the directory structure. -- Shields.