Bug 517525
Summary: | Rkhunter ans AdobeReader Advice Needed | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Frank Murphy <frankly3d> |
Component: | rkhunter | Assignee: | Kevin Fenzi <kevin> |
Status: | CLOSED WORKSFORME | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 11 | CC: | devrim, kevin |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-08-18 10:07:52 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Frank Murphy
2009-08-14 13:17:52 UTC
There isn't currently a whitelist for Suspicious files. ;( You could have it not check /dev/shm? (see /etc/rkhunter.conf). Or just live with these when you are running adobereader ? Alternately, you could ask upstream to add functionality to whitelist these sorts of files... Thoughts? SOLVED: Added wildcard for AdobeReader to rkhunter.conf # # Allow the specified files to be present in the /dev directory, # and not regarded as suspicious. One file per line (use multiple # ALLOWDEVFILE lines). # #ALLOWDEVFILE=/dev/abc ALLOWDEVFILE=/dev/shm/sem.ADBE* |