[Bug 575945] [NEW] chkrootkit falsely flags files owned by Firefox 3 and Sun Java 6 valid packages
Fabián Rodríguez
magicfab at ubuntu.com
Wed May 5 19:49:26 BST 2010
Public bug reported:
Binary package hint: chkrootkit
Id like to request an SRU for this package.
IMPACT: It produces false positives for common desktop applications. chkrootdisk is suggested as one of many security tools to install in our official docs:
https://help.ubuntu.com/community/InstallingSecurityTools
HOW IT S BEEN ADRESSED: This is a know issue that has been addressed in
the next version that came out. Specifically, an option has been added
to ignore false positives (#406493, #426068 according to changelog for
version 0.48-5).
Steps to reproduce:
- Make sure Firefox 3 and Sun Java JRE 6 are installed (firefox-3.0 sun-java6-jre)
- Install chkrootkit
- sudo chkrootkit -q
Output:
The following suspicious files and directories were found:
/usr/lib/jvm/java-6-sun-1.6.0.20/.systemPrefs
/usr/lib/jvm/.java-6-sun.jinfo
/usr/lib/xulrunner-1.9.0.19/.autoreg
/usr/lib/firefox-3.0.19/.autoreg
/lib/modules/2.6.24-27-generic/volatile/.mounted
/usr/bin/find: //home/charles/.gvfs: Permission denied
/usr/bin/find: //home/charles/.gvfs: Permission denied
eth0: PACKET SNIFFER(/sbin/dhclient3[12893])
ProblemType: Bug
Architecture: i386
Date: Wed May 5 14:28:57 2010
DistroRelease: Ubuntu 8.04
Package: chkrootkit 0.47-1.1ubuntu0.1
PackageArchitecture: i386
ProcEnviron:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
LANG=en_CA.UTF-8
SHELL=/bin/bash
SourcePackage: chkrootkit
Uname: Linux 2.6.24-27-generic i686
** Affects: chkrootkit (Ubuntu)
Importance: Undecided
Status: New
** Tags: apport-bug
--
chkrootkit falsely flags files owned by Firefox 3 and Sun Java 6 valid packages
https://bugs.launchpad.net/bugs/575945
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to chkrootkit in ubuntu.
More information about the Ubuntu-server-bugs
mailing list