Re: [Rkhunter-users] hidden files
Brought to you by:
dogsbody
From: John H. <joh...@pl...> - 2006-09-30 23:24:27
|
On Sun, 2006-10-01 at 01:42 +0300, Nerijus Baliunas wrote: > > I see in rkhunter.conf: > #ALLOWHIDDENDIR=/dev/.udev > #ALLOWHIDDENFILE=/usr/share/man/man1/..1.gz > > Why are these commented out by default? IMHO it is safe to uncomment > them by default. > Under your O/S may be, but what about others - FreeBSD, Solaris, AIX? Under these those files may not exit and therefore indicate something is suspicious. I think it is safer if the user has to consciously configure rkhunter for their own computers. They should know if these files/directories are supposed to be there or not. Hence the values should be commented out by default. John. -- --------------------------------------------------------------- John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914 E-mail: Joh...@pl... Fax: +44 (0)1752 233839 |