On Mon 23 Jun 2014 at 19:56:15 +0400, Reco wrote: > On Mon, Jun 23, 2014 at 10:03:30AM +0200, François Patte wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Bonjour, > > > > I get this alert message (concerning lightdm) from chkrootkit > > > > ! RUID PID TTY CMD > > ! root 3153 tty7 /usr/bin/X :0 -seat seat0 -auth > > /var/run/lightdm/root/:0 -nolisten tcp vt7 -novtswitch > > > > What does it mean? > > A false positive. See this, for example: > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677315
There is no well-documented case of chrootkit ever giving a true positive; false positives are its stock in trade. What do you expect of a program which searches for things which do not exist or which have no relevance (if they ever had) on a modern Linux? Clapping loudly is very effective at keeping elephants out of my garden. :) What use is chkrootkit? (Yes, I know it doesn't answer the question, but my response could lead to a mass purging of chkrootkit from users' systems :) ). -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140623182815.gh29...@copernicus.demon.co.uk
