[TAG] (forw) Re: (forw) Re: lpr works for user not root in Basiclinux 2.1

Rick Moen rick at linuxmafia.com
Sun Jan 28 11:58:13 MSK 2007


Quoting Sindi Keesan (keesan at grex.cyberspace.org):

> How do I interpret the above?

My guess:  Probably chkrootkit being stupid.

chkrootkit is built on an ultimately stupid approach -- stupid by
design:  It does pattern-matching in an attempt to, as Marcus J. Ranum
puts it, "enumerate badness", which is an inherently fallible, losing
strategy.

So, you read chkrootkit FAQs and other documentation about known false
positives, if necessary you read the chkrootkit script to determine what
it's checking, and you decide for yourself whether it's talking nonsense
or not.

However, if you've put yourself in a position where you're actually
_relying_ on chkrootkit for anything but a quick cross-check against
your primary security measures, I'd say you have a lot bigger problems.




