Implications of recent virus (Trojan Horse) attack

[Guy Harris]

>Or, to keep someone else from doing this, remove lines like:
>
>::0:0::
>
>from your password file. Most Sun systems have this as a default
>(stupid!).

Excuse me, but to what are you referring?  Most Sun systems have a line
like

	+::0:0:::

as a default, but this is INequivalent to

	::0:0::

Lines of the latter sort are generated by the scenario Doug Gwyn
described; the problem is that "getpwent" doesn't, in some systems,
check that the login name field is non-null before returning a value. 
(S5R3's version checks, but unfortunately returns NULL rather than
skipping the invalid entry, which causes programs to think a blank line
in "/etc/passwd" is really the end of the file.)