
Re: chkrootkit gives this message, should I be worried?



On Thu, 15 Apr 2004 14:48:52 -0400
"H. S." <greatexcalibur@yahoo.com> wrote:
>
> I am running Debian Sarge (kernel 2.4.24-1-686). I ran chkrootkit (v 
> 0.42b) and got this message (along with all other "nothing found"
> messages):
> 
> Searching for suspicious files and dirs, it may take a while...
> /usr/lib/plt/collects/readline/.DS_Store
> 
> What does this mean? Should I be worried?

chkrootkit doesn't like hidden files in /usr/lib; it complains
about them even if they're supposed to be there and have normal
contents.

So the questions you have to answer are:  does this file belong
here; and does it have in it what it's supposed to have?

Judicious use of apt-file or the contents of /var/lib/dpkg/info
may help you with the first question; comparing the content of
the file with an original from the installed .deb can help you
with the latter.

Also, README.Debian from the chkrootkit docs contains a list of
similar hidden files that have raised flags in the past.  If this
file is OK, and it's from a Debian package, but you don't see it
in README.Debian, you may wish to file a wishlist bug against
chkrootkit, asking the maintainer to add it to the false positives
list.

-c


-- 
Chris Metzler			cmetzler@speakeasy.snip-me.net
		(remove "snip-me." to email)

"As a child I understood how to give; I have forgotten this grace since I
have become civilized." - Chief Luther Standing Bear
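
The two checks described in the message above (which package lists the flagged path, and whether its content is unchanged), as an added example that is not part of the original message. It compares against the checksums dpkg recorded in `/var/lib/dpkg/info/<pkg>.md5sums` rather than against a file extracted from the .deb; `DPKG_INFO`, `ROOT` and the function names are assumptions of this example.

```sh
#!/bin/sh
# Added example. DPKG_INFO and ROOT are assumptions of this sketch:
# DPKG_INFO = dpkg's metadata directory, ROOT = prefix of the filesystem
# being inspected (empty for the running system, e.g. /mnt for a mounted disk).
DPKG_INFO="${DPKG_INFO:-/var/lib/dpkg/info}"
ROOT="${ROOT:-}"

# Question 1: which package, if any, lists this exact path?
owner_of() {
    grep -lFx -- "$1" "$DPKG_INFO"/*.list 2>/dev/null |
        sed -e 's|.*/||' -e 's|\.list$||'
}

# Checksum dpkg recorded for PATH in PKG ("<md5>  <path without leading />").
recorded_md5() {
    [ -r "$DPKG_INFO/$1.md5sums" ] || return 0
    awk -v p="${2#/}" 'substr($0, 35) == p { print $1 }' "$DPKG_INFO/$1.md5sums"
}

# Question 2: does the file on disk still match what the package shipped?
# Prints one of: unowned | owned-nohash PKG | missing PKG | match PKG | MISMATCH PKG
check_flagged() {
    path=$1
    pkg=$(owner_of "$path" | head -n 1)
    if [ -z "$pkg" ]; then echo "unowned"; return 0; fi
    want=$(recorded_md5 "$pkg" "$path")
    if [ -z "$want" ]; then echo "owned-nohash $pkg"; return 0; fi
    if [ ! -f "$ROOT$path" ]; then echo "missing $pkg"; return 0; fi
    have=$(md5sum < "$ROOT$path" | cut -d' ' -f1)
    if [ "$have" = "$want" ]; then echo "match $pkg"; else echo "MISMATCH $pkg"; fi
}

# Usage: sh check.sh /usr/lib/some/.hidden-file
[ "$#" -eq 0 ] || check_flagged "$1"
```

The recorded checksums sit on the same disk as the file being checked, so on a host you do not trust, compare against a freshly downloaded .deb as the message suggests.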
