|
I am feeling really stupid here. If an unaudited user is on the system with a malware program going anywhere and doing anything why would he bother hijacking passwords? --------------------------------------------------------- Booth Martin http://www.MartinVT.com Booth@MartinVT.com --------------------------------------------------------- -------Original Message------- From: midrange-l@midrange.com Date: Thursday, October 24, 2002 12:05:11 PM To: midrange-l@midrange.com Subject: Re: Need to generate passwords > Leif, where is this encrypted password file? Is it in a place where any > user can read it? no and yes. Under normal circumstances you need special authorities to get at this file ("table" would be a better description: QSYS/QSYUPTBL, type=X'0EC5'), but there exist malware programs that can access anything everywhere without the user needing special authority and without auditing of his activity.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.