Bug 1731302 - Installing wp-cli as /usr/bin/wp triggers a false positive from rkhunter
Summary: Installing wp-cli as /usr/bin/wp triggers a false positive from rkhunter
Status: NEW
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: wp-cli
Version: epel7
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Luis Segundo
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2019-07-19 01:38 UTC by Richard Siddall
Modified: 2019-07-19 01:38 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed:
Type: Bug

Attachments (Terms of Use)

Description Richard Siddall 2019-07-19 01:38:15 UTC
Description of problem: wp-cli produces false positive in rkhunter

Version-Release number of selected component (if applicable): 2.2.0

How reproducible: reliable

Steps to Reproduce:
1. Install rkhunter from EPEL
2. Run sudo rkhunter --check --enable rootkits

Actual results:
RH-Sharpe's Rootkit                                      [ Warning ]

Expected results:
RH-Sharpe's Rootkit                                      [ Not Found ]

Additional info:
rkhunter warns that the RH-Sharpe's Rootkit may be present if a file /usr/bin/wp exists.  Suppressing the test in rkhunter stops it detecting the rootkit, so wp-cli should be installed in another folder on the path.

Note You need to log in before you can comment on or make changes to this bug.