[Forensics-changes] [SCM] debian-forensics/rkhunter branch, master, updated. debian/1.4.0-2-1-g6390ef7

Julien Valroff julien at kirya.net
Sat Feb 16 07:43:51 UTC 2013 

The following commit has been merged in the master branch:
commit 6390ef74d902ffbc9b4b654d50a99476fc09b138
Author: Julien Valroff <julien at kirya.net>
Date:   Sat Feb 16 08:43:47 2013 +0100

    Add commented entry to whitelist /usr/bin/unhide.rb as a script (Closes: #695099)

diff --git a/debian/changelog b/debian/changelog
index 5bf4668..f50cb7f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+rkhunter (1.4.0-3) UNRELEASED; urgency=low
+
+  * Add commented entry to whitelist /usr/bin/unhide.rb as a script
+   (Closes: #695099) 
+
+ -- Julien Valroff <julien at debian.org>  Sat, 16 Feb 2013 08:42:37 +0100
+
 rkhunter (1.4.0-2) unstable; urgency=low
 
   * Add Slovak translation - thanks to Slavko <slavko at slavino.sk>
diff --git a/debian/patches/05_custom_conffile.diff b/debian/patches/05_custom_conffile.diff
index 0e768e0..0135f1d 100644
--- a/debian/patches/05_custom_conffile.diff
+++ b/debian/patches/05_custom_conffile.diff
@@ -52,7 +52,7 @@ Forwarded: not-needed
  #PKGMGR=NONE
  
  #
-@@ -466,8 +476,14 @@
+@@ -466,8 +476,15 @@
  # be specified more than once. The option may use wildcard
  # characters.
  #
@@ -66,10 +66,11 @@ Forwarded: not-needed
 +SCRIPTWHITELIST=/usr/bin/lwp-request
 +SCRIPTWHITELIST=/usr/sbin/adduser
 +SCRIPTWHITELIST=/usr/sbin/prelink
++#SCRIPTWHITELIST=/usr/bin/unhide.rb
  
  #
  # Allow the specified commands to have the immutable attribute set.
-@@ -492,11 +508,9 @@
+@@ -492,11 +509,9 @@
  # may use wildcard characters.
  #
  #ALLOWHIDDENDIR="/etc/.java"
@@ -82,7 +83,7 @@ Forwarded: not-needed
  
  #
  # Allow the specified hidden files to be whitelisted.
-@@ -521,6 +535,9 @@
+@@ -521,6 +536,9 @@
  #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
  #ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
  #ALLOWHIDDENFILE="/usr/sbin/.sshd.hmac"
@@ -92,7 +93,7 @@ Forwarded: not-needed
  
  #
  # Allow the specified processes to use deleted files. The
-@@ -535,8 +552,10 @@
+@@ -535,8 +553,10 @@
  # characters, but only in the file names.
  #
  #ALLOWPROCDELFILE="/sbin/cardmgr /usr/sbin/gpm:/etc/X11/abc"
@@ -104,7 +105,7 @@ Forwarded: not-needed
  
  #
  # Allow the specified processes to listen on any network interface.
-@@ -547,7 +566,6 @@
+@@ -547,7 +567,6 @@
  #ALLOWPROCLISTEN="/sbin/dhclient /usr/bin/dhcpcd"
  #ALLOWPROCLISTEN="/usr/sbin/pppoe /usr/sbin/tcpdump"
  #ALLOWPROCLISTEN="/usr/sbin/snort-plain"
@@ -112,7 +113,7 @@ Forwarded: not-needed
  
  #
  # Allow the specified network interfaces to be in promiscuous mode.
-@@ -647,7 +665,7 @@
+@@ -647,7 +666,7 @@
  # The option may be specified more than once. The option may use
  # wildcard characters.
  #
@@ -121,7 +122,7 @@ Forwarded: not-needed
  
  #
  # This setting tells rkhunter the pathname to the file containing the
-@@ -668,7 +686,7 @@
+@@ -668,7 +687,7 @@
  # NOTE: For *BSD systems you will probably need to use this option
  # for the 'toor' account.
  #
@@ -130,7 +131,7 @@ Forwarded: not-needed
  
  #
  # Allow the following accounts to have no password. NIS/YP entries do
-@@ -786,7 +804,7 @@
+@@ -786,7 +805,7 @@
  # specified, then RKH will assume the O/S release information is on the
  # first non-blank line of the file.
  #
@@ -139,7 +140,7 @@ Forwarded: not-needed
  
  #
  # The following two options can be used to whitelist files and directories
-@@ -979,4 +997,6 @@
+@@ -979,4 +998,6 @@
  # of 2 will disable the Ruby 'unhide.rb' program. The default value is 0. To disable
  # both programs, then disable the 'hidden_procs' test.
  #

-- 
debian-forensics/rkhunter

More information about the forensics-changes mailing list