On Tue, Sep 30, 2014 at 10:08:02PM +0200, Jan Engelhardt wrote:
On Tuesday 2014-09-30 22:03, Christian Boltz wrote:
rkhunter warns : "Warning: Hidden file found: /usr/bin/.fipscheck.hmac: ASCII text
Nevertheless, /usr/bin/ is for _executable_ files only, and having hidden files there is at least a bit strange IMHO.
I don't know the internals of fipscheck, but IMHO non-executable files (like .fipscheck.hmac) shouldn't be located in /usr/bin/ Marcus, do you want a bugreport about this? ;-)
Where should it be instead? Maybe something in the spirit of /usr/src/debug with fully mirrored directory hierarchy? Or perhaps an xattr associated with the file? (Though that may not outlive security scrutiny.)
It contains a checksum for the binary that is required on start-up. We can hide it somewhere else, but it should be close. extended attributes might be too fragile. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org