On 09 Apr 2006, Adam Collins wrote: > On Sunday 09 April 2006 04:54, Rick Friedman wrote: > > I run chkrootkit daily. Today it has found a file it calls, "suspicious". > > The file is a zero byte, hidden file. The path is > > /usr/lib/xulrunner/.autoreg > > > > After seeing this warning, I also ran rkhunter (rootkit hunter). The > > report from rkhunter comes up clean. It does not flag the .autoreg file > > (or any file for that matter). > > > > I am running sid and I believe that the .autoreg file may come from the > > libxul0d package. > > > > Is this a legitimate file or something I should be concerned about? I > > tend to think chkrootkit flagged it simply because it's hidden and zero > > bytes. I don't think it's really a threat but I want to make certain. > > > > Any help is appreciated. Thanks. > > > > Rick > > I am running a 5-day old sid installation and have this .autoreg file, as > well. I couldn't find any other information online regarding this file, > but seeing as how the file's mtime is a few seconds after the other file's > mtimes, this file was probably generated when some package was configured, > most likely libxul0d. > > Adam >
I have this file as well; it is not flagged by chkrootkit. Anthony -- Anthony Campbell - [EMAIL PROTECTED] Microsoft-free zone - Using Linux Gnu-Debian http://www.acampbell.org.uk (blog, book reviews, on-line books and sceptical articles) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
