On 2017-08-27 23:29, Bjoern Voigt wrote:
I use Rkhunter to check the installed packages for unallowed modifications.
Unfortunately by default, Rkhunter also reports all official openSUSE Tumbleweed updates. E.g.
I don't think you can use rkhunter on TW. The wikipedia describes what it does as: rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. The database simply can not keep up, unless some process at the openSUSE build system would upload new hashes at the same time the rpms are published. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar)