Bug 554001 - False positives + Update
Summary: False positives + Update
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: lynis
Version: 11
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Rakesh Pandit
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-01-09 22:42 UTC by Harald Reindl
Modified: 2010-02-18 22:28 UTC (History)
1 user (show)

Fixed In Version: lynis-1.2.9-1.fc11
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-02-18 22:28:06 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Harald Reindl 2010-01-09 22:42:01 UTC
Hi - First it would be fine to update lynis to 1.2.9 for Fedora 11
I use the unofficial rpm linked from the upstream-page 

There are some false positives


> Suggestion: Harden the system by removing unneeded compilers. 
> This can decrease the chance of customized trojans, backdoors 
> and rootkits to be compiled and installed [test:HRDN-7220]

I think the follwing packages trigger this
libgcc-4.4.1-2.fc11.x86_64
perl-devel-5.10.0-82.fc11.x86_64

> Suggestion: Disable drivers like USB storage when not used, 
> to prevent unauthorized storage or data theft [test:STRG-1840]

> Disable drivers like firewire storage when not used, 
> to prevent unauthorized storage or data theft [test:STRG-1846]

Hm, the machine boots with "nosub"-kernel-param it the following modprobe-configuration. Do i something wrong or the tool?

[root@arrakis:~]$ cat /etc/modprobe.d/local.conf 
alias ipv6 off                                   
alias net-pf-10 off                              

blacklist ac
blacklist acpi_cpufreq
blacklist acpiphp     
blacklist cpufreq_ondemand
blacklist dm_mod          
blacklist ehci_hcd        
blacklist firewire_core   
blacklist firewire_ohci   
blacklist floppy          
blacklist freq_table      
blacklist gspca_main      
blacklist gspca_zc3xx     
blacklist i2c_core        
blacklist i2c_piix4       
blacklist ohci_hcd        
blacklist ohci-hcd        
blacklist parport         
blacklist parport_pc      
blacklist pciehp
blacklist pcspkr
blacklist ppdev
blacklist shpchp
blacklist snd
blacklist snd_hda_codec
blacklist snd_hda_codec_realtek
blacklist snd_hda_intel
blacklist snd_hwdep
blacklist snd_mixer_oss
blacklist snd_page_alloc
blacklist snd_pcm
blacklist snd_pcm_oss
blacklist snd_pcsp
blacklist snd_rawmidi
blacklist snd_seq
blacklist snd_seq_device
blacklist snd_seq_dummy
blacklist snd_seq_midi_event
blacklist snd_seq_oss
blacklist snd_timer
blacklist snd_usb_audio
blacklist snd_usb_lib
blacklist soundcore
blacklist uhci
blacklist uhci_hcd
blacklist usb-ohci
blacklist usb_storage
blacklist usb-uhci
blacklist vmhgfs

Comment 1 Fedora Update System 2010-01-30 06:08:22 UTC
lynis-1.2.9-1.fc12 has been submitted as an update for Fedora 12.
http://admin.fedoraproject.org/updates/lynis-1.2.9-1.fc12

Comment 2 Fedora Update System 2010-01-30 06:09:06 UTC
lynis-1.2.9-1.fc11 has been submitted as an update for Fedora 11.
http://admin.fedoraproject.org/updates/lynis-1.2.9-1.fc11

Comment 3 Rakesh Pandit 2010-01-30 06:11:06 UTC
I don't see these as bugs which I can fix, it would be nice if you can report this to upstream. I have updates waiting for latest lynis waiting in bodhi.

Thanks,

Comment 4 Fedora Update System 2010-02-01 01:02:46 UTC
lynis-1.2.9-1.fc11 has been pushed to the Fedora 11 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update lynis'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2010-1239

Comment 5 Fedora Update System 2010-02-01 01:07:39 UTC
lynis-1.2.9-1.fc12 has been pushed to the Fedora 12 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update lynis'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2010-1250

Comment 6 Fedora Update System 2010-02-18 22:28:01 UTC
lynis-1.2.9-1.fc12 has been pushed to the Fedora 12 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 7 Fedora Update System 2010-02-18 22:28:54 UTC
lynis-1.2.9-1.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.