Bug 57701 - app-admin/chkrootkit: strings-static is not static
|
Bug#:
57701
|
Product: Gentoo Linux
|
Version: unspecified
|
Platform: All
|
|
OS/Version: All
|
Status: RESOLVED
|
Severity: normal
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: solar@gentoo.org
|
Reported By: ka0ttic@gentoo.org
|
|
Component: Applications
|
|
|
URL:
|
|
Summary: app-admin/chkrootkit: strings-static is not static
|
|
Keywords: InCVS
|
|
Status Whiteboard:
|
|
Opened: 2004-07-20 03:19 0000
|
chkrootkit's strings-static binary is not statically compiled because of the
line, "make strings || die" in the ebuild, since there is no "strings" target
in the
Makefile (but strings.c exists, so it builds it anyways instead of
complaining).
The fix is just to remove that line altogether, since strings-static gets built
with the "sense" target. This also means we can get rid of the call to newsbin
and just add strings-static to dosbin.
Created an attachment (id=36091) [details]
chkrootkit-0.43-r2.diff
The other patch was an incremental patch based on an ebuild patched to fix
another chkrootkit bug. So, here is the diff of the current
chkrootkit-0.43-r2.ebuild
playing ping pong with me guys?
It must be destiny that this bug made it's way to me for a second time after
I've already bounced this back to bug-wranglers@ before.
Alot of chkrootkit internals were overridden by some patch (not your patch Aaron) which made it use everything dynamic.
This is a flaw in the design on that patch as
the goal should be to use known safe virus free programs/and dynamic
linker and libraries to preform our tests.
Consider a small LD_PRELOAD module which overrode these dynamic programs
functions and hide the non trojaned values from us.
This strings-static might be just one of the programs which are effected
by this patch (not your patch Aaron).
Anyway I've put this in CVS as-is to help return some of the sainity for forensics.
