On Friday 15 Apr 2016 09:48:47 Neil Bothwick wrote: > I have these entries in /etc/rkhunter.conf.local: > > ALLOWDEVFILE="/dev/shm/org.chromium.Chromium.shmem.*" > ALLOWDEVFILE="/dev/shm/pulse-shm-*" > ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5.bz2" > ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.bz2" > ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5" > ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5"
Thank you all for your advice. I have a couple of entries in my rkhunter.conf.local too, but not a wild card like "/dev/shm/pulse-shm-*". I was thinking that if I were a script kiddie, this could be easy picking if I wanted to place a malicious payload on a PC. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
