When I run "rpm --verify bind" with bind-9.1.3-0.rc2.1 installed, I see
"S.5....T c /etc/rndc.conf". I shouldn't see this complaint, since there's
nothing wrong with the fact that /etc/rndc.conf has been modified, since
it's a config file which frequently gets modified after installation.
It's the correct behavior nevertheless. rpm --verify shows which files have
changed. It does not necessarily indicate a problem. (Yes, rpm --verify apache
shows modifications in httpd.conf, as well).
The reasoning is that it makes sense to get a list of modified files - someone
who edited a file will know about it, and know it's not a problem that the
file has changed.
However, if you know you never touched a file, you can see if it has been
modified by something else (e.g. cracker, filesystem corruption). It also
helps consultants and support to find out what files their customer edited.