Hi, >>> On one of my PCs, /bin contains an executable file whose name is >>> the left square bracket, and nothing else. >>> >>> Opening it with gedit gets something that's part text (generally >>> if not all commented out) and part stuff I can't read. >>> >>> Is there a test, usable by one who knows no code, whether it's >>> malware?? >>> >>> What should I do? >> >> >> you should leave it there -- it's an actual command. > > Specifically it belongs to "coreutils-8.4-16.el6.x86_64". It's used in shell scripts, such as an "if" statement, such as "if [ $? -eq 0 ]". Bash actually runs that command. If you're really concerned about security, you could check out rkhunter or search for "detecting root kits". Best, Alex -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org