On Wed, Apr 27, 2005 at 05:21:45PM +0100, Nigel Wade wrote: > >Looks like it spread to root from a user account in this case. Threat is > >obviously somewhat greater than 0. Caution and good practices are still > >required. > There's no evidence that the virus escalated its own privilege. More likely > that a root process executed an infected binary. I agree -- and that's exactly why this shouldn't be dismissed as "0 threat". -- Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> Current office temperature: 80 degrees Fahrenheit.