On Fri, 15 Apr 2016 10:40:34 +0200, Alan McKinnon wrote:

> > All these chkrootkit and rkhunter warnings are about /dev/shm/
> > files/devices.
> > Is there something that makes anything in /dev/shm inherently
> > suspicious?
>
> Nope. It's just a place where shared memory can be used.
>
> By far the most likely is that the script you use has an incomplete list
> of things that can be found in there.

I have these entries in /etc/rkhunter.conf.local:

ALLOWDEVFILE="/dev/shm/org.chromium.Chromium.shmem.*"
ALLOWDEVFILE="/dev/shm/pulse-shm-*"
ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5.bz2"
ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.bz2"
ALLOWHIDDENFILE="/usr/share/man/man5/.k5identity.5"
ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5"


-- 
Neil Bothwick

Znqr lbh ybbx!
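
To see which /dev/shm entries an allowlist like the one above still leaves unmatched, the following added example (not part of the original message and not rkhunter's own code) reads the ALLOWDEVFILE lines and compares them against a directory listing. The function names are hypothetical, and Python's fnmatch is assumed to approximate rkhunter's wildcard handling.

```python
import fnmatch
import os
import re

# Constructed sample: two ALLOWDEVFILE lines and one ALLOWHIDDENFILE line
# taken from the message, used when no local config file is readable.
SAMPLE_CONF = '''\
# /etc/rkhunter.conf.local
ALLOWDEVFILE="/dev/shm/org.chromium.Chromium.shmem.*"
ALLOWDEVFILE="/dev/shm/pulse-shm-*"
ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5"
'''

# Matches active (uncommented) ALLOWDEVFILE assignments only.
_ALLOWDEV = re.compile(r'^\s*ALLOWDEVFILE\s*=\s*(.*?)\s*$')


def allowed_dev_patterns(conf_text):
    """Return the ALLOWDEVFILE patterns found in the config text, in order."""
    patterns = []
    for line in conf_text.splitlines():
        match = _ALLOWDEV.match(line)
        if match:
            patterns.append(match.group(1).strip('"\''))
    return patterns


def uncovered(paths, patterns):
    """Return the paths that no pattern matches (assumption: fnmatch-style
    globbing, where '*' also matches '/', stands in for rkhunter's matching)."""
    return [p for p in paths
            if not any(fnmatch.fnmatchcase(p, pat) for pat in patterns)]


def shm_entries(root="/dev/shm"):
    """List the entries directly under root; empty if it cannot be read."""
    try:
        return sorted(entry.path for entry in os.scandir(root))
    except OSError:
        return []


if __name__ == "__main__":
    conf = SAMPLE_CONF
    try:
        with open("/etc/rkhunter.conf.local") as fh:
            conf = fh.read()
    except OSError:
        pass  # fall back to the constructed sample
    for path in uncovered(shm_entries(), allowed_dev_patterns(conf)):
        print("not covered by ALLOWDEVFILE:", path)
```

Anything it prints is a candidate for manual inspection before being added to the allowlist.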
