On Sun, Mar 16, 2008 at 06:29:10PM -0700, Matt Taggart wrote:
> I have written a patch that allows chkrootkit to exclude false positives
> from the list of reported dot files, and added a warning to the README of
> when you would want to use this feature and why it is sometimes needed to
> resul
> I guess the best option is to exclude them only if their are zero sized
One false positive on my system is non-zero,
/usr/lib/epiphany/2.14/extensions/.pyversion
(it contains a version string) I'm sure there are others.
But five other false positives on my system are zero.
So how about both
In #406493, the original submitter is concerned about a false positive dot
file being reported (/lib/init/rw/.ramfs). The discussion that followed
focused on solving these false positives on a case by case basis.
I'd also like to note that upstream says the following in FAQ #8
( http://www.chkro
3 matches
Mail list logo
