Bug 431386
| Summary: | Review Request: rkhunter - A host-based tool to scan for rootkits, backdoors and local exploits | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Kevin Fenzi <kevin> |
| Component: | Package Review | Assignee: | John Mahowald <jpmahowald> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | fedora-package-review, notting, poelstra |
| Target Milestone: | --- | Flags: | jpmahowald:
fedora-review+
kevin: fedora-cvs+ |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-07-04 19:24:55 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Kevin Fenzi
2008-02-04 01:47:42 UTC
Yay security packages. Builds on development and runs. rpmlint: rkhunter.noarch: E: non-readable /etc/rkhunter.conf 0640 rkhunter.noarch: E: non-readable /etc/sysconfig/rkhunter 0640 Fine, don't let the bad guys read rkhunter config rkhunter.noarch: W: non-standard-dir-in-var rkhunter rkhunter.src: W: mixed-use-of-spaces-and-tabs (spaces: line 1, tab: line 30) Allow. rkhunter.src: W: strange-permission 01-rkhunter 0755 A script, ignore. License good, GPLv2+ Source matches Is noarch Follows naming guidelines Proper use of macros %files section proper permissions, ownership The perl scripts in the spec are a bit hard to read, but their configuration purpose is clear. As to perl scripts for sha1/md5 I agree system executables should be used. In a rootkit detection situation you may not be able to trust them, which is the only case I would find those useful. If that's the case I doubt rkhunter would be much help, as perl and the system is probably untrustworthy anyway. Feel free to continue to not include them. I see cron is using the --update flag. Applying updates will make the db show up on rpm verification as changed. This might bother the worried user running rpm -V that their rkhunter is compromised. I don't see any other way of keeping it updated in between major releases. Package itself is fine. APPROVED Thanks for the quick review! Package Name: rkhunter Short Description: A host-based tool to scan for rootkits, backdoors and local exploits Owners: kevin,devrim Branches: F-8 F-7 InitialCC: Cvsextras Commits: yes cvs done. rkhunter-1.3.2-1.fc8 has been submitted as an update for Fedora 8 rkhunter-1.3.2-1.fc7 has been submitted as an update for Fedora 7 rkhunter-1.3.2-1.fc8 has been pushed to the Fedora 8 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update rkhunter'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-2199 rkhunter-1.3.2-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report. rkhunter-1.3.2-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report. can this bug be closed or are you tracking to get update into rawhide? Nope, we can close it now. |