Re: rkhunter warning after updating

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 2009-11-30 at 23:49 +0000, Andy Blanchard wrote:
>
> APP_WHITELIST="gpg httpd named sshd..."
> 
> I don't think it would actually be that hard to manage the list as
> RKHunter currently only check the versions of nine key packages -
> presumably to the author of RKHunter since Exim and ProFTP are checked
> while Fedora's defaults of Sendmail and VSFTP are not.
>
The 'apps' test was a legacy from previous versions when RKH was
maintained by Michael Boelen. The test has been discussed, and we would
rather get rid of it. As mentioned it only checks a handful of apps, and
trying to maintain the version numbers is not really possible. Whilst
the app itself may change its version number, a distro such as
RHEL/Fedora etc may just patch their version and alter the patch level
number, not the actual version number. So the warnings may well be
false-positives.

The latest release of RKH (1.3.6 came out yesterday) caused the updated
app version file to be pushed out as well. Hence the sudden flurry of
warnings for all 1.3 versions of RKH.

Personally I disable the test.



John.

-- 
John Horne, University of Plymouth, UK
Tel: +44 (0)1752 587287    Fax: +44 (0)1752 587001

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux