Libenv_audit version: 2.0.0
This is the data gathered in the parent, before exec,
system, or popen was called.
uid=0
euid=0
ppid=970
Parent name: /usr/X11R6/bin/XFree86
pid=976
Currently running: cat
Function called: execve
Executable is: /bin/cat

---

Environment Audit Version: 2.0-pre3

Process ID: 978
Parent Process ID: 976
User ID: 0 - root
Group ID: 0 - root
Effective User ID: 0 - root
Effective Group ID: 0 - root
Supplemental Groups:  bin, daemon, sys, adm, disk, wheel
Process Group ID: 970
Session ID: 815
Parent Session ID: 815
Current Working Dir: /root
Umask: 22
Process Priority: -1

---
Command Line Arguments
Command Line Arg 1: /root/.Xauthority

---
Environmental Variables
$HOSTNAME=linux
$PVM_RSH=/usr/bin/rsh
$TERM=linux
$SHELL=/bin/bash
$HISTSIZE=1000
$LD_PRELOAD=/lib/libenv_audit.so.2
$QTDIR=/usr/lib/qt-3.1
$USER=root
$LS_COLORS=no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:bd=40;33;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:ex=01;32:*.cmd=01;32:*.exe=01;32:*.com=01;32:*.btm=01;32:*.bat=01;32:*.sh=01;32:*.csh=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.bz2=01;31:*.bz=01;31:*.tz=01;31:*.rpm=01;31:*.cpio=01;31:*.jpg=01;35:*.gif=01;35:*.bmp=01;35:*.xbm=01;35:*.xpm=01;35:*.png=01;35:*.tif=01;35:
$PVM_ROOT=/usr/share/pvm3
$USERNAME=root
$MAIL=/var/spool/mail/root
$PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/opt/bin:/root/bin
$_=/bin/cat
$INPUTRC=/etc/inputrc
$PWD=/root
$LANG=en_US
$TG_HOME=/opt/Together-5.5
$SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass
$SHLVL=3
$HOME=/root
$XPVM_ROOT=/usr/share/pvm3/xpvm
$BASH_ENV=/root/.bashrc
$LOGNAME=root
$LESSOPEN=|/usr/bin/lesspipe.sh %s
$G_BROKEN_FILENAMES=1
$XAUTHORITY=/root/.Xauthority
WARNING LD_PRELOAD is defined.
WARNING $IFS undefined
WARNING $TZ undefined

---
Resource Limits
Name            Current     Max
RLIMIT_CORE              0  (infinity)
RLIMIT_CPU      (infinity)  (infinity)
RLIMIT_DATA     (infinity)  (infinity)
RLIMIT_FSIZE    (infinity)  (infinity)
RLIMIT_MEMLOCK  (infinity)  (infinity)
RLIMIT_NOFILE         1024        1024
RLIMIT_OFILE          1024        1024
RLIMIT_NPROC          4096        4096
RLIMIT_RSS      (infinity)  (infinity)
RLIMIT_STACK       8388608  (infinity)
RLIMIT_AS       (infinity)  (infinity)

---
Posix Capabilities
Capabilities: '=ep cap_setpcap-ep'

----
Open file descriptor: 0
User ID of File Owner: root
Group ID of File Owner: root
Descriptor is stdin.
No controlling terminal
File type: regular file, inode - 96590, device - 776
The descriptor is: /var/log/XFree86.0.log
File's actual permissions: 644
File descriptor mode is: write only

----
Open file descriptor: 1
User ID of File Owner: root
Group ID of File Owner: root
Descriptor is stdout.
No controlling terminal
File type: fifo, inode - 2141, device - 5
The descriptor is: pipe:[2141]
File descriptor mode is: write only

----
Open file descriptor: 2
User ID of File Owner: root
Group ID of File Owner: tty
Descriptor is stderr.
WARNING - process has controlling terminal
File type: character device
The tty connected to this descriptor is: /dev/tty1
File descriptor mode is: read and write

----
Open file descriptor: 3
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: socket
Address Family: AF_UNIX
Local address: Unix Domain
Peer address: UNKNOWN
Socket options:
	SO_BROADCAST: off
	SO_DONTROUTE: off
	SO_ERROR: 0
	SO_KEEPALIVE: off
	SO_LINGER: off
	SO_OOBINLINE: off
	SO_RCVBUF: 65535
	SO_SNDBUF: 65535
	SO_RCVLOWAT: 1
	SO_SNDLOWAT: 1
	SO_RCVTIMEO: 0 seconds and 0 microseconds
	SO_SNDTIMEO: 0 seconds and 0 microseconds
	SO_REUSEADDR: off
	SO_REUSEPORT: undefined
	SO_TYPE: 1
	SO_USELOOPBACK: undefined
	IP_TTL: getsockopt error.
	IPV6_IPV6ONLY: undefined
	TCP_MAXSEG: getsockopt error.
	SO_PEERCRED: peer uid 0, peer gid 0
File descriptor mode is: read and write

----
Open file descriptor: 4
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: character device
The tty connected to this descriptor is: /dev/tty7
File descriptor mode is: read and write, non-blocking

----
Open file descriptor: 5
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: character device, inode - 15761
The descriptor is: /dev/apm_bios
File descriptor mode is: read and write

----
Open file descriptor: 6
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: regular file, inode - 4135, device - 2
The descriptor is: /proc/mtrr
File's actual permissions: 644
File descriptor mode is: write only

----
Open file descriptor: 7
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: character device, inode - 18183
The descriptor is: /dev/psaux
Process ID that receives SIGIO & SIGURG :970
File descriptor mode is: read and write, non-blocking

----
Open file descriptor: 8
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: socket
Address Family: AF_UNIX
Local address: Unix Domain
Peer address: Unix Domain
Socket options:
	SO_BROADCAST: off
	SO_DONTROUTE: off
	SO_ERROR: 0
	SO_KEEPALIVE: off
	SO_LINGER: off
	SO_OOBINLINE: off
	SO_RCVBUF: 65535
	SO_SNDBUF: 65535
	SO_RCVLOWAT: 1
	SO_SNDLOWAT: 1
	SO_RCVTIMEO: 0 seconds and 0 microseconds
	SO_SNDTIMEO: 0 seconds and 0 microseconds
	SO_REUSEADDR: off
	SO_REUSEPORT: undefined
	SO_TYPE: 1
	SO_USELOOPBACK: undefined
	IP_TTL: getsockopt error.
	IPV6_IPV6ONLY: undefined
	TCP_MAXSEG: getsockopt error.
	SO_PEERCRED: peer uid 0, peer gid 0
File descriptor mode is: read and write, non-blocking

----
Open file descriptor: 9
User ID of File Owner: root
Group ID of File Owner: root
WARNING - Descriptor is leaked from parent.
File type: socket
Address Family: AF_UNIX
Local address: Unix Domain
Peer address: Unix Domain
Socket options:
	SO_BROADCAST: off
	SO_DONTROUTE: off
	SO_ERROR: 0
	SO_KEEPALIVE: off
	SO_LINGER: off
	SO_OOBINLINE: off
	SO_RCVBUF: 65535
	SO_SNDBUF: 65535
	SO_RCVLOWAT: 1
	SO_SNDLOWAT: 1
	SO_RCVTIMEO: 0 seconds and 0 microseconds
	SO_SNDTIMEO: 0 seconds and 0 microseconds
	SO_REUSEADDR: off
	SO_REUSEPORT: undefined
	SO_TYPE: 1
	SO_USELOOPBACK: undefined
	IP_TTL: getsockopt error.
	IPV6_IPV6ONLY: undefined
	TCP_MAXSEG: getsockopt error.
	SO_PEERCRED: peer uid 0, peer gid 0
File descriptor mode is: read and write, non-blocking

---
Audit Complete