On Tue, 2012-06-05 at 18:16 +0000, Beartooth wrote: > On one of my PCs, /bin contains an executable file whose name is > the left square bracket, and nothing else. > > Opening it with gedit gets something that's part text (generally > if not all commented out) and part stuff I can't read. > > Is there a test, usable by one who knows no code, whether it's > malware?? > > What should I do? You can find out if a particular file is part of a package that you've installed like this: $ rpm -qf /usr/bin/[ coreutils-8.12-7.fc16.x86_64 To check whether any files in that package have changed, substitute "-V" (verify) for "-q" in the line above. In the case of the executable named "[", it's the test command in sheep's clothing, part of the coreutils package on most Fedora systems. See "man test" for details. -Chris -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org