Sorry about that. I had a few warnings out of the box, that after verifying they were all from signed packages from signed repositories, I got annoyed and opened this bug report. I didn't realise how many scripts I would have to go through to recognise these as false positives.
I wish rkhunter would check known false positives by checking which packages are installed, comparing md5sums, package/repository signatures, etc. I realise that an advanced rootkit targeting debian-rkhunter could fake all of these, but if it's targeting debian-rkhunter, we're pretty screwed anyway. --Jayen On 10/05/11 11:28, Julien Valroff wrote: > Le mardi 10 mai 2011 à 02:02:15 (+0200 CEST), Jayen Ashar a écrit : >> Package: rkhunter >> Version: 1.3.6-5 >> Severity: normal >> >> After installing sun-java6-bin, rkhunter reports: >> Warning: Hidden directory found: /etc/.java > > Comment out the related entry in /etc/rkhunter.conf if you are sure this > directory is safe. > > This is not a problem, neither in rkhunter, nor in sun-java6-bin, hence > closing this bug. > > Cheers, > Julien > -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
