Jeff Vian wrote: [snip] >> It has no escalation mechanism, so can only infect ELF files to which >> the user infected has write permission. >> >> Threat ~0. >> >> >> > > not true. it also infects files in /bin as stated by symantic and as > stated by Daniel. Thus it has some method of getting root privileges. Inexperienced sysadmins. Daniel Kirsten wrote: "Yesterday, I examined the directory ~daikanyama/.undernet and probably I executed mech as root. The file mech is indeed infected by Linux/Rst-B. This explains everything......." -- William Hooper
