| @@ -1,5 +1,5 @@
--- rkhunter-1.3.8/files/rkhunter.conf.orig 2010-11-13 21:25:22.000000000 +0100
-+++ rkhunter-1.3.8/files/rkhunter.conf 2011-01-18 09:06:52.033796188 +0100
++++ rkhunter-1.3.8/files/rkhunter.conf 2011-09-09 11:28:18.151508358 +0200
@@ -76,7 +76,7 @@
# NOTE: This option should be present in the configuration file.
#
@@ -58,7 +58,7 @@
#ALLOWHIDDENDIR="/dev/.initramfs"
#ALLOWHIDDENDIR="/dev/.SRC-unix"
#ALLOWHIDDENDIR="/dev/.mdadm"
-@@ -504,13 +509,13 @@
+@@ -504,13 +509,15 @@
# characters.
#
#ALLOWHIDDENFILE="/etc/.java"
@@ -66,6 +66,8 @@
-#ALLOWHIDDENFILE="/etc/.pwd.lock"
+ALLOWHIDDENFILE="/usr/share/man/man1/..1.gz"
+ALLOWHIDDENFILE="/etc/.pwd.lock"
++ALLOWHIDDENFILE="/dev/.mdadm"
++ALLOWHIDDENFILE="/usr/share/man/man5/.k5login.5.gz"
#ALLOWHIDDENFILE="/etc/.init.state"
#ALLOWHIDDENFILE="/lib/.libcrypto.so.0.9.8e.hmac /lib/.libcrypto.so.6.hmac"
#ALLOWHIDDENFILE="/lib/.libssl.so.0.9.8e.hmac /lib/.libssl.so.6.hmac"
@@ -76,7 +78,7 @@
#ALLOWHIDDENFILE="/usr/lib/.libfipscheck.so.1.1.0.hmac"
#ALLOWHIDDENFILE="/usr/lib/.libfipscheck.so.1.hmac"
#ALLOWHIDDENFILE="/usr/lib/.libgcrypt.so.11.hmac"
-@@ -518,7 +523,7 @@
+@@ -518,7 +525,7 @@
#ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha256hmac.hmac"
#ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha384hmac.hmac"
#ALLOWHIDDENFILE="/usr/lib/hmaccalc/sha512hmac.hmac"
@@ -85,7 +87,7 @@
#
# Allow the specified processes to use deleted files. The
-@@ -633,6 +638,13 @@
+@@ -633,6 +640,13 @@
# be specified more than once.
#
#XINETD_ALLOWED_SVC=/etc/xinetd.d/echo
@@ -99,12 +101,12 @@
#
# This option tells rkhunter the local system startup file pathnames.
-@@ -704,7 +716,7 @@
+@@ -704,7 +718,7 @@
#
# Note above that for the Apache web server, the name 'httpd' is used.
#
-#APP_WHITELIST=""
-+APP_WHITELIST="httpd:2.2.3 named proftpd openssl:0.9.8e php:5.1.6 sshd:4.3p2"
++APP_WHITELIST="httpd named proftpd openssl php sshd"
#
# Scan for suspicious files in directories containing temporary files and
|
