rpms/chkrootkit/devel chkrootkit-0.48-nophpcheck.patch, NONE, 1.1 chkrootkit.spec, 1.30, 1.31

Tue Mar 18 20:13:35 UTC 2008

Author: mschwendt

Update of /cvs/extras/rpms/chkrootkit/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14088

Modified Files:
	chkrootkit.spec 
Added Files:
	chkrootkit-0.48-nophpcheck.patch 
Log Message:
* Tue Mar 18 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-6
- Delete the "suspect PHP files" check. Not only does it trigger
  SIGPIPE for file names which contain special unescaped characters,
  the second half is doubtful (it doesn't print any filenames and
  gets confused by binary file contents).


chkrootkit-0.48-nophpcheck.patch:

--- NEW FILE chkrootkit-0.48-nophpcheck.patch ---
diff -Nur chkrootkit-0.48-orig/chkrootkit chkrootkit-0.48/chkrootkit
--- chkrootkit-0.48-orig/chkrootkit	2007-12-17 19:54:42.000000000 +0100
+++ chkrootkit-0.48/chkrootkit	2008-03-18 21:04:58.000000000 +0100
@@ -1103,21 +1103,6 @@
    fi
 
    ###
-   ### Suspect PHP files
-   ###
-   if [ "${QUIET}" != "t" ]; then
-      printn "Searching for suspect PHP files... "; fi
-      files="`${find} ${ROOTDIR}tmp ${ROOTDIR}var/tmp ${findargs} -name '*.php' 2> /dev/null`"
-      fileshead="`${find} ${ROOTDIR}tmp ${ROOTDIR}var/tmp ${findargs} -type f -exec head -1 {} \; | grep php 2> /dev/null`"
-
-   if [ "${files}" = "" -a "${fileshead}" = "" ]; then
-      if [ "${QUIET}" != "t" ]; then echo "nothing found"; fi
-   else
-     echo "${files}"
-     echo "${fileshead}"
-   fi
-
-   ###
    ### shell history anomalies
    ###
    if [ "${QUIET}" != "t" ]; then \


Index: chkrootkit.spec
===================================================================
RCS file: /cvs/extras/rpms/chkrootkit/devel/chkrootkit.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- chkrootkit.spec	12 Feb 2008 09:51:48 -0000	1.30
+++ chkrootkit.spec	18 Mar 2008 20:12:54 -0000	1.31
@@ -1,6 +1,6 @@
 Name:           chkrootkit
 Version:        0.48
-Release:        5%{?dist}
+Release:        6%{?dist}
 Summary:        Tool to locally check for signs of a rootkit
 Group:          Applications/System
 License:        BSD-like
@@ -18,6 +18,7 @@
 Patch4:         chkrootkit-0.47-warnings.patch
 Patch6:         chkrootkit-0.47-chklastlog.patch
 Patch7:         chkrootkit-0.48-anomalies.patch
+Patch8:         chkrootkit-0.48-nophpcheck.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  desktop-file-utils
@@ -47,6 +48,7 @@
 %patch4 -p1 -b .warnings
 %patch6 -p1 -b .chklastlog
 %patch7 -p1 -b .anomalies
+%patch8 -p1 -b .nophpcheck
 sed -i -e 's!\s\+ at strip.*!!g' Makefile
 
 
@@ -115,6 +117,12 @@
 
 
 %changelog
+* Tue Mar 18 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-6
+- Delete the "suspect PHP files" check. Not only does it trigger
+  SIGPIPE for file names which contain special unescaped characters,
+  the second half is doubtful (it doesn't print any filenames and
+  gets confused by binary file contents).
+
 * Tue Feb 12 2008 Michael Schwendt <mschwendt at fedoraproject.org> - 0.48-5
 - Fix the empty warning of the shell history files anomalies check.
 - Initialise two variables in chkdirs.c to silence compiler.


