Re: rkhunter warning after updating

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 30 Nov 2009 22:24:11 +0000
Andy Blanchard <zocalo@xxxxxxxxx> wrote:

> I'm not sure that disabling the application checks is the best
> approach.  There is a mechanism in "rkhunter.conf" to whitelist
> specific applications (APP_WHITELIST), either by name or name and
> version.  I'd rather know about it when things change, so I've put the
> version numbers in as well since it's a quick update if and when
> Fedora updates the release instead of back-porting patches.  The line
> in my "rkhunter.conf" on F11 is as follows:
> 
>   APP_WHITELIST="gpg:1.4.0 httpd:2.2.13 named:9.6.1 sshd:5.2p1"
> 
> You'd need to adapt the version numbers per Fedora release of course
> (or forego them entirely) but IMHO it's still preferable to disabling
> the application checks entirely.

Sure, that works fine if you are willing to keep up to date on security
updates on those applications and update your config each time one
changes in fedora. 

For the out of box package that would result in pushing an update to
rkhunter anytime any of those updated and there could be lag between
the updates and when someone applied the rkhunter one. 

I fear it would lead to more confusion... 

But sure, if you want to maintain a list locally, feel free. 

kevin

Attachment: signature.asc
Description: PGP signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux