Bug#765896: rkhunter: please enable unhide[.rb] checks per default

Christoph Anton Mitterer calestyo at scientia.net
Sun Oct 19 01:03:43 UTC 2014


Package: rkhunter
Version: 1.4.2-0.1
Severity: wishlist


Hi.

Please enable the unhide[.rb] checks in the default config.

rkhunter Recommends unhide.rb|unhide, so most people will have it
installed anyway.

Also, the unhide[.rb] packages don't carry out their own automatic
checks (via cron or so), so having them run automatically via
rkhunter does seem to make sense.


To enable it, I guess:
- "hidden_procs" must be removed from DISABLE_TESTS
- also DISABLE_UNHIDE should be left at its default "0" since
  a) it may be better anyway to run both and
  b) having "1" would disable hidden_procs again if "only" the
     C unhide package was installed.


Cheers,
Chris.
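
An added example (not part of the original report and not rkhunter's own code): a shell check that audits a config file for the two settings named above, `hidden_procs` in DISABLE_TESTS and a non-default DISABLE_UNHIDE. The function names and the sample config are constructed for illustration, and the parsing assumes plain KEY=value lines with optional quotes and `#` comments.

```sh
#!/bin/sh
# Added example: audit an rkhunter config for the two settings named in the report.
# Assumptions: KEY=value lines, optional quotes, '#' comments; only the literal
# test name hidden_procs is matched (ENABLE_TESTS and test groups are ignored).

# Print the uncommented values of option $1 in file $2, one line per occurrence.
conf_values() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        sed 's/#.*//; s/[[:space:]]*$//' | tr -d "\"'"
}

# Return 0 if the unhide checks can run as requested, 1 if not, 2 on error.
check_unhide_config() {
    conf=$1
    status=0
    if [ ! -r "$conf" ]; then
        echo "ERROR: cannot read $conf"
        return 2
    fi
    for t in $(conf_values DISABLE_TESTS "$conf"); do
        if [ "$t" = hidden_procs ]; then
            echo "FAIL: hidden_procs is in DISABLE_TESTS, so unhide[.rb] never runs"
            status=1
        fi
    done
    # If the option appears more than once, this check uses the last value.
    unhide=$(conf_values DISABLE_UNHIDE "$conf" | tail -n 1)
    case ${unhide:-0} in
        0) echo "OK: DISABLE_UNHIDE is at its default 0" ;;
        *) echo "FAIL: DISABLE_UNHIDE=$unhide, expected the default 0"
           status=1 ;;
    esac
    return $status
}

# Constructed sample config (not a copy of any shipped rkhunter.conf).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed example
DISABLE_TESTS="suspscan hidden_procs deleted_files"
#DISABLE_UNHIDE=1
EOF
check_unhide_config "$sample" || echo "-> config needs the changes listed above"
rm -f "$sample"
```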


