On 2015-04-29 11:15, Christoph Anton Mitterer wrote:
#SYSLOG_CONFIG_FILE=/etc/syslog.conf
=> while rkhunter will determine this automatically, it may still be
nice to
set it to /etc/rsyslog.conf on Debian, since rsyslog is the default
I'm not sure I enough about this (since it's working) to patch the
upstream source further.
SCRIPTWHITELIST=/usr/bin/unhide.rb
=> maybe it makes also sense un-comment from that line, since rkhunter
Recommneds unhide.rb and it's likely to be installed
See als bug #.
That's going to lead to a failure on machines that don't have it
unfortunately. At least until
http://sourceforge.net/p/rkhunter/feature-requests/41/ is fixed.
INSTALLDIR=/usr
=> which isn't contained in the upstream default rkhunter.conf.
Is this perhaps just a leftover?
It could very well be. We'd have to test with and without.
For the following, I'm not really sure why I didn't suggest sha512
instead of sha256:
HASH_CMD
=> As part of crypto strengthening, I'd probably suggest to set this
to:
HASH_CMD=sha512sum
Isn't sha512sum slower than sha256sum? As long as sha256 is considered
strong, I would favour the more efficient tool.
Further, I've seen you commented:
#SCRIPTWHITELIST=/usr/bin/lwp-request
It's also suggested by rkhunter... so similarly to unhide.rb,... it
*may* make sense to have this enabled per default.
But I have no strong opinion on either of the two.
See above comment.
Francois
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
