On Mon, 2009-11-30 at 23:49 +0000, Andy Blanchard wrote: > > APP_WHITELIST="gpg httpd named sshd..." > > I don't think it would actually be that hard to manage the list as > RKHunter currently only check the versions of nine key packages - > presumably to the author of RKHunter since Exim and ProFTP are checked > while Fedora's defaults of Sendmail and VSFTP are not. > The 'apps' test was a legacy from previous versions when RKH was maintained by Michael Boelen. The test has been discussed, and we would rather get rid of it. As mentioned it only checks a handful of apps, and trying to maintain the version numbers is not really possible. Whilst the app itself may change its version number, a distro such as RHEL/Fedora etc may just patch their version and alter the patch level number, not the actual version number. So the warnings may well be false-positives. The latest release of RKH (1.3.6 came out yesterday) caused the updated app version file to be pushed out as well. Hence the sudden flurry of warnings for all 1.3 versions of RKH. Personally I disable the test. John. -- John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287 Fax: +44 (0)1752 587001 -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
