13 Sep
2007
13 Sep
'07
1:22 a.m.
Bill Campbell wrote:
On Thu, Sep 13, 2007, Feizhou wrote:
I have seen vi do this action when it didn't understand a keycode on teh terminal you are using properly... change the case of a few letters next to the cursor. But IIRC that was busybox vi.
Is it crazy to propose someone opened /etc/passwd in vi, and saved it out without noticing this had happened?
If you suspect your box has been rooted, then perhaps it is time to do some checking.
rpm -Va
Unfortunately that isn't much use if you're running the default system with prelink as it changes large numbers of executables rendering the RPM verify close to useless.
Eh? I thought it can figure out prelink's activity too? Has something changed?