I am new to CentOS - changed from RHEL

I see what I think are weird things in /sbin
all updated on July 1st

scripts:
firewall - which resets my firewall (messed up my shell script of the same name)
killmail
restoremail
clean

ELF binary:
save

all owned by root, but look as though they could be used by a hacker to
replace system files, get in, do their dirty work undetected and then
put the system back to normal.

Are they normal in CentOS?

% cat killmail
mv /usr/sbin/sendmail /usr/sbin/sent ; mv /usr/lib/sendmail /usr/lib/sent ; mv /bin/mail /bin/blank ; mv /etc/mail /etc/blank
tail -5 /usr/sbin/sendmail > /usr/sbin/sendmail ; tail -5 /usr/lib/sendmail > /usr/lib/sendmail ; tail -5 /bin/mail > /bin/mail ; tail -5 /etc/mail > /etc/mail

% cat restoremail
rm -f /usr/sbin/sendmail /usr/lib/sendmail /bin/mail /etc/mail
mv /usr/sbin/sent /usr/sbin/sendmail ; mv /usr/lib/sent /usr/lib/sendmail ; mv /bin/blank /bin/mail ; mv /etc/blank /etc/mail
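
One way to check whether such files are normal on an RPM-based system, as an added example that is not part of the original post: list the files in a directory that no installed package owns, and look for the rename targets (sent, blank) that the posted killmail script leaves behind. The function names and the OWNER_QUERY override are assumptions made for this example; `rpm -qf` is the standard package-ownership query.

```shell
#!/bin/sh
# Added triage example; not from the original post.
# OWNER_QUERY: command that exits 0 when an installed package owns the file.
# On CentOS/RHEL that is "rpm -qf"; it is overridable (an assumption of this
# example) so the logic can be exercised on a host without rpm.
OWNER_QUERY=${OWNER_QUERY:-rpm -qf}

# unowned_files DIR: print each regular file in DIR that no package claims.
unowned_files() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        $OWNER_QUERY "$f" >/dev/null 2>&1 || printf '%s\n' "$f"
    done
}

# killmail_traces ROOT: print the rename targets from the posted killmail
# script that exist under ROOT ("" for the live system, or a mounted image).
killmail_traces() {
    for p in /usr/sbin/sent /usr/lib/sent /bin/blank /etc/blank; do
        if [ -e "$1$p" ]; then
            printf '%s\n' "$1$p"
        fi
    done
}

# report DIR ROOT: unowned files with owner/size/mtime, then killmail traces.
report() {
    echo "== files in $1 not owned by any package =="
    unowned_files "$1" | while IFS= read -r f; do
        ls -ld "$f"
    done
    echo "== killmail rename targets present under '${2:-/}' =="
    killmail_traces "$2"
}

# Run only when a directory is given, e.g.:  sh triage.sh /sbin
if [ $# -gt 0 ]; then
    report "$1" "${2:-}"
fi
```

Files that a package does own can be compared against the package database with `rpm -Vf <file>`. On a host suspected of compromise, run these checks from trusted media against the mounted filesystem, since the local rpm binary and database may themselves have been altered.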