Another rkhunter question
John Horne
john.horne at plymouth.ac.uk
Sun May 17 16:41:24 UTC 2009
On Sun, 2009-05-17 at 09:35 -0400, Gene Heskett wrote:
> Greetings all;
>
> What is /dev/shm?
>
> I've given up on rkhunter ever shutting up about the group and passwd files,
>
What is it saying about the files? If necessary disable the relevant
passwd/group tests (use 'rkhunter --list test' to see the test names).
> but fussing about this is new.
> ---------------------- Start Rootkit Hunter Scan ----------------------
> Warning: Suspicious file types found in /dev:
> /dev/shm/sem.ADBE_REL_root: data
> /dev/shm/sem.ADBE_WritePrefs_root: data
> /dev/shm/sem.ADBE_ReadPrefs_root: data
>
Items in /dev/shm that are genuine can be whitelisted in rkhunter.conf.
There is an example of the pulse file whitelisted in the supplied
rkhunter.conf file. It is easy enough to do the same for the ADBE files.
No need to remove any packages.
John.
--
---------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 587287
E-mail: John.Horne at plymouth.ac.uk Fax: +44 (0)1752 587001
More information about the fedora-list
mailing list