33 lines
962 B
Text
33 lines
962 B
Text
--- ./files/rkhunter.conf.orig 2011-12-17 22:36:02.000000000 +0100
|
|
+++ ./files/rkhunter.conf 2012-07-03 23:57:15.000000000 +0200
|
|
@@ -468,6 +468,10 @@
|
|
#
|
|
#SCRIPTWHITELIST="/sbin/ifup /sbin/ifdown"
|
|
#SCRIPTWHITELIST="/usr/bin/groups"
|
|
+SCRIPTWHITELIST=/usr/bin/whatis
|
|
+SCRIPTWHITELIST=/usr/sbin/adduser
|
|
+SCRIPTWHITELIST=/usr/local/bin/GET
|
|
+SCRIPTWHITELIST=/usr/local/sbin/pkgdb
|
|
|
|
#
|
|
# Allow the specified commands to have the immutable attribute set.
|
|
@@ -477,6 +481,10 @@
|
|
# characters.
|
|
#
|
|
#IMMUTWHITELIST="/sbin/ifup /sbin/ifdown"
|
|
+IMMUTWHITELIST=/usr/bin/login
|
|
+IMMUTWHITELIST=/usr/bin/passwd
|
|
+IMMUTWHITELIST=/usr/bin/su
|
|
+IMMUTWHITELIST=/sbin/init
|
|
|
|
#
|
|
# If this option is set to 1, then the immutable-bit test is
|
|
@@ -668,7 +676,7 @@
|
|
# NOTE: For *BSD systems you will probably need to use this option
|
|
# for the 'toor' account.
|
|
#
|
|
-#UID0_ACCOUNTS="toor rooty"
|
|
+UID0_ACCOUNTS="toor"
|
|
|
|
#
|
|
# Allow the following accounts to have no password. NIS/YP entries do
|