Re: Am I paranoid?
Yes - you are paranoid. There is no conspiracy. Those files were
installed by the operator/user/sysadmin.
So relax. :)
If you want to remove them:-
# apt-get remove open-vm-tools open-vm-toolbox
On 25/02/14 03:04, ha wrote:
>
>>>>>> I did. It only shows that files are there:
>>>>>> /etc/pam.d/vmtoolsd
>>>>>> /usr/bin/vmtoolsd
etc/pam.d/vmtoolsd
/usr/bin/vmtoolsd
/usr/lib/libvmtools.a
/usr/lib/libvmtools.so
/usr/lib/libvmtools.so.0
/usr/lib/libvmtools.so.0.0.0
/usr/share/man/man3/libvmtools.3.gz
/usr/share/open-vm-tools/messages/de/vmtoolsd.vmsg
/usr/share/open-vm-tools/messages/ja/vmtoolsd.vmsg
/usr/share/open-vm-tools/messages/ko/vmtoolsd.vmsg
>>>>>
>>>>> By the way, there is also /etc/vmware-tools folder
It's difficult to tell who you're quoting as you've stripped all the
attributions from the post.
You'll also find you have:-
/etc/vmware-tools/xautostart.conf
/etc/vmware-tools/poweroff-vm-default
/etc/vmware-tools/poweron-vm-default
/etc/vmware-tools/resume-vm-default
/etc/vmware-tools/scripts/vmware/network
/etc/vmware-tools/statechange.subr
/etc/vmware-tools/suspend-vm-default
/etc/vmware-tools/tools.conf
/etc/vmware-tools/vm-support
>>>>
>>>> This rather highlights why I like Arch's package manager (Pacman.) more
>>>> than APT. Pacman features a command (pacman -Qo <file>) that explicitly
>>>> checks a file you specify for package ownership.
>>>
>>> dpkg --search ${filename}
Will search for the installed *package* name
"vmtoolsd" is *not* the package name
"open-vm-tools" is
So you 'could':-
dpkg --search open-vm-tools
It's unlikely to be an attempted backdoor - more likely it was simply
unwittingly installed as part of something else e.g. open-vm-tools-dev
Anyone/thing capable of installing software requires root - while it's
possible they/it could achieve that and still be dumb enough not hide
that file, it's very unlikely.
NOTE: vmtoolsd is *not* a back door, or part of any rootkit.
To see if the package was legitimately installed:-
dpkg --get-selections | grep open-vm
In your case you'll find *you've* installed:-
open-vm-tools and open-vm-toolbox
and:-
man open-vm-tools # unlikely even a script kiddie'd leave the
documentation for you don't you think? :)
Kind regards
Reply to: