rkhunter reports hidden directories under /dev
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
rkhunter (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Binary package hint: rkhunter
Running Rootkit Hunter version 1.3.0
I am reasonably sure that
[11:51:08] Checking for hidden files and directories [ Warning ]
[11:51:09] Warning: Hidden directory found: /dev/.static
[11:51:09] Warning: Hidden directory found: /dev/.udev
[11:51:09] Warning: Hidden directory found: /dev/.initramfs
merely means that rkhunter has found a non-standard file - at least as far as rkhunter is concerned - but which is a default install for Hardy Heron. In this case I would assume that rkhunter needs to be updated ?
I am using the release candidate of Hardy Heron - installed in free space at the end of my single hard drive, dual booting with winxp. The install is a standard setup (no fancy partitions), with all updates, plus quanta, dvdrip, amarok and k3b with all required libs and apps for these additions. The only changes I have made via the console have been to place winxp first in the grub menu, enable ufw (with default deny) and to make sudo timeout to be zero.
What I would have expected to happen is no warnings - seeing as this is a clean, new install, done last night and only surfing to known safe websites, and the limited installation done thus far
Changed in rkhunter (Ubuntu): | |
importance: | Undecided → Medium |
Those 3 directories can be whitelisted in /etc/rkhunter.conf by just uncommenting the corresponding lines.
However, the question is whether they should be uncommented by default ubuntu installation or not.