Package: rkhunter Version: 1.4.4-2 Severity: normal Tags: security
Hi. I think this was even the case previously: /var/lib/rkhunter/tmp should be only readable/listable by root:root. rkhunter makes temp copies of security relevant files there, and while right now the copies it makes have safe permissions, leaving this dir world-readable for no good reason just calls for an error that can be exploited in some way. Cheers, Chris.