Jan 25, 1999, 00:08 (0 Talkback[s])
As posted by Andries Brouwer to C.O.L.A., January 24, 1999 and
also on linux-kernel.
I just learned that
has been compromised
(so that 1. It gives anybody who logs in with name #!sh
a root shell, and 2. It mails usernames and passwords
Probably you do not want to use this enhanced version.
The original version has been put back.
It has md5sum
I am not aware of anything else that was changed, but
of course this means for the time being that anything
found on this machine must be regarded as suspect.
Andries - firstname.lastname@example.org
[PS I would be interested in finding precisely when
this was done. If you got a non-corrupt version
recently, could you mail me date and time?]
announcement by Andries Brouwer of the util-linux security
breach was posted to the linux-kernel list and is published on