On Jan 14, 2013 12:10 PM, "Holger Levsen" <hol...@layer-acht.org> wrote: > > Hi Andreas, > > On Donnerstag, 10. Januar 2013, Andreas Beckmann wrote: > > Hi, > > > > the following packages from wheezy ship files that are excluded from > > the .md5sums file: > > [snip] > > rkhunter: FILE WITHOUT MD5SUM /var/lib/rkhunter/db/backdoorports.dat [Snip] > > rkhunter: FILE WITHOUT MD5SUM /var/lib/rkhunter/db/mirrors.dat > > rkhunter: FILE WITHOUT MD5SUM /var/lib/rkhunter/db/programs_bad.dat > > rkhunter: FILE WITHOUT MD5SUM /var/lib/rkhunter/db/suspscan.dat > > those I'd file with severity "important" - sure it's a policy violation, > surely it's bad, but I wouldnt want to delay the release for these. (And I > also suggest to fix those for wheezy, but thats a slightly different topic ;) > [snip] > this I'd probably file as serious, not having checksums for files in /usr > seems worse. But then, the same reasoning as for the above bugs applies, so > maybe important is better after all. > [snip] > important as well. > > Thanks for your work on this! > > > cheers, > Holger
Not a debian developer but these 4 files I would rather put under security - after all something could have changed the contents of these files rendering rkhunter rather useless with respect to detecting some rootkits. I agree with the rest. darkestkhan
