On Mon, 30 Nov 2009 22:24:11 +0000 Andy Blanchard <zocalo@xxxxxxxxx> wrote: > I'm not sure that disabling the application checks is the best > approach. There is a mechanism in "rkhunter.conf" to whitelist > specific applications (APP_WHITELIST), either by name or name and > version. I'd rather know about it when things change, so I've put the > version numbers in as well since it's a quick update if and when > Fedora updates the release instead of back-porting patches. The line > in my "rkhunter.conf" on F11 is as follows: > > APP_WHITELIST="gpg:1.4.0 httpd:2.2.13 named:9.6.1 sshd:5.2p1" > > You'd need to adapt the version numbers per Fedora release of course > (or forego them entirely) but IMHO it's still preferable to disabling > the application checks entirely. Sure, that works fine if you are willing to keep up to date on security updates on those applications and update your config each time one changes in fedora. For the out of box package that would result in pushing an update to rkhunter anytime any of those updated and there could be lag between the updates and when someone applied the rkhunter one. I fear it would lead to more confusion... But sure, if you want to maintain a list locally, feel free. kevin
Attachment:
signature.asc
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
