Re: Fedora and chkrootkit

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 16 December 2003 07:42, Michael Kearey wrote:
> Sam Barnett-Cormack wrote:
> > That particular one can occur if certain binaries aren't fully stripped.
> > If they aren't stripped or optimised, or have debugging info in, then
> > they trigger that test.
> >
> > On Mon, 15 Dec 2003, Pedro Fernandes Macedo wrote:
>
> In addition, 'short lived' processes may trigger the hidden processes
> check. It is probably best to run chkrootkit at a lower runlevel,
> without X and other things running.

This was discussed a couple of weeks ago on the list, the Fedora 'run' package 
creates /usr/bin/run, which chrootkit considers evidence of rootkit activity.  
Its a false alarm.  I emailed the chrootkit people about it but did not hear 
back.

- -Andy
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/4FS/jKeDCxMJCTIRAuxtAJ9f+FoA/Bo+8J5IzGjRsJtbYDwZjACeLFra
/pE2c8cwvgpP28C0m4ugUZY=
=YgWL
-----END PGP SIGNATURE-----




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux