71096 – chkrootkit crontab should not exist...

Bug 71096 - chkrootkit crontab should not exist...

Summary: chkrootkit crontab should not exist...

Status:	RESOLVED INVALID

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	High trivial
Assignee:	Gentoo Linux bug wranglers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2004-11-13 15:16 UTC by Eric Brown
Modified:	2004-11-13 17:57 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Eric Brown 2004-11-13 15:16:31 UTC

I noticed that app-forensics/chkrootkit comes with some crontabs in /etc/cron.weekly.  At first I thought that was a great idea, but I don't think chkrootkit -q will notify root if there are any rootkits found.

It would probably just silently list them in some console (most likely not even in the log)..

Should we just remove the 2 cron related files from the ebuild?  Or should we patch them to use some mail program? (or log it, and hope the admin uses logwatch?)

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Aaron Walker (RETIRED) gentoo-dev

2004-11-13 17:57:17 UTC

Firstly, chkrootkit -q is silent *unless* it finds any rootkits.
Secondly, if you have mail setup cron will automatically send *ANY* output to the user that the cronjob was run as (in this case, root).  If you dont have mail setup, then it ends up in ~/dead.letter.