On Tuesday 2014-09-30 22:03, Christian Boltz wrote:
rkhunter warns : "Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
Nevertheless, /usr/bin/ is for _executable_ files only, and having hidden files there is at least a bit strange IMHO.
I don't know the internals of fipscheck, but IMHO non-executable files (like .fipscheck.hmac) shouldn't be located in /usr/bin/ Marcus, do you want a bugreport about this? ;-)
Where should it be instead? Maybe something in the spirit of /usr/src/debug with fully mirrored directory hierarchy? Or perhaps an xattr associated with the file? (Though that may not outlive security scrutiny.)