-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 16 December 2003 07:42, Michael Kearey wrote: > Sam Barnett-Cormack wrote: > > That particular one can occur if certain binaries aren't fully stripped. > > If they aren't stripped or optimised, or have debugging info in, then > > they trigger that test. > > > > On Mon, 15 Dec 2003, Pedro Fernandes Macedo wrote: > > In addition, 'short lived' processes may trigger the hidden processes > check. It is probably best to run chkrootkit at a lower runlevel, > without X and other things running. This was discussed a couple of weeks ago on the list, the Fedora 'run' package creates /usr/bin/run, which chrootkit considers evidence of rootkit activity. Its a false alarm. I emailed the chrootkit people about it but did not hear back. - -Andy -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/4FS/jKeDCxMJCTIRAuxtAJ9f+FoA/Bo+8J5IzGjRsJtbYDwZjACeLFra /pE2c8cwvgpP28C0m4ugUZY= =YgWL -----END PGP SIGNATURE-----
