Bug 1731302 - Installing wp-cli as /usr/bin/wp triggers a false positive from rkhunter
Summary: Installing wp-cli as /usr/bin/wp triggers a false positive from rkhunter
Keywords:
Status: CLOSED EOL
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: wp-cli
Version: epel7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Jonathan Wright
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-19 01:38 UTC by Richard Siddall
Modified: 2024-07-09 02:53 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2024-07-09 02:53:53 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Richard Siddall 2019-07-19 01:38:15 UTC 
Description of problem: wp-cli produces false positive in rkhunter


Version-Release number of selected component (if applicable): 2.2.0


How reproducible: reliable


Steps to Reproduce:
1. Install rkhunter from EPEL
2. Run sudo rkhunter --check --enable rootkits

Actual results:
...
RH-Sharpe's Rootkit                                      [ Warning ]
...

Expected results:
...
RH-Sharpe's Rootkit                                      [ Not Found ]
...

Additional info:
rkhunter warns that the RH-Sharpe's Rootkit may be present if a file /usr/bin/wp exists.  Suppressing the test in rkhunter stops it detecting the rootkit, so wp-cli should be installed in another folder on the path.
Comment 1 Fedora Admin user for bugzilla script actions 2024-05-17 00:33:21 UTC 
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Comment 2 Fedora Admin user for bugzilla script actions 2024-05-17 12:38:34 UTC 
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.
Comment 3 Troy Dawson 2024-07-09 02:53:53 UTC 
EPEL 7 entered end-of-life (EOL) status on 2024-06-30.\n\nEPEL 7 is no longer maintained, which means that it\nwill not receive any further security or bug fix updates.\n As a result we are closing this bug.
Note You need to log in before you can comment on or make changes to this bug.