On 08/17/2012 01:27 PM, NoOp wrote:
On 08/17/2012 12:04 AM, Philippe Naudin wrote:
...
Thanks for your reply. I'm using a rpm ;), it is rkhunter-1.4.0-1.el5.
I'm installing that now on Fedora 17 to test.
Of course I can get rkhunter silent with something like
DISABLE_TESTS="hidden_ports" or ALLOWPROCLISTEN="soffice.bin".
In this case it will not complain about LibreOffice listening on
the network... even when I open a file with some malware inside.
Can you check the output of this command :
lsof -U | grep soffice
With LibreOffice-3.5, I get only one line (/tmp/OSL_PIPE_...), but
with LibreOffice-3.6 I get two more lines, two unix sockets.
Regards,
LO3.5:
$ lsof -U | grep soffice
soffice.b 10636 gg 3u unix 0x00000000 0t0 3994910 socket
soffice.b 10636 gg 7u unix 0x00000000 0t0 3994914 socket
soffice.b 10636 gg 9u unix 0x00000000 0t0 3994918
/tmp/OSL_PIPE_1000_SingleOfficeIPC_5fb899de7f8c215610dccf91954a6c
soffice.b 10636 gg 12u unix 0x00000000 0t0 3994992 socket
soffice.b 10636 gg 26u unix 0x00000000 0t0 4004457 socket
soffice.b 10636 gg 28u unix 0x00000000 0t0 4004462 socket
soffice.b 10636 gg 29u unix 0x00000000 0t0 4005488 socket
soffice.b 10636 gg 33u unix 0x00000000 0t0 4005654 socket
LO3.6:
$ lsof -U | grep soffice
soffice.b 10807 gg 6u unix 0x00000000 0t0 4079489 socket
soffice.b 10807 gg 10u unix 0x00000000 0t0 4079493 socket
soffice.b 10807 gg 13u unix 0x00000000 0t0 4079497
/tmp/OSL_PIPE_1000_SingleOfficeIPC_cc556045c3355e1abfd1d44ea4ee4532
soffice.b 10807 gg 15u unix 0x00000000 0t0 4079499 socket
soffice.b 10807 gg 24u unix 0x00000000 0t0 4079581 socket
soffice.b 10807 gg 26u unix 0x00000000 0t0 4079663 socket
soffice.b 10807 gg 27u unix 0x00000000 0t0 4079762 socket
soffice.b 10807 gg 32u unix 0x00000000 0t0 4079938 socket
And from Fedora 17 (rpm)
LO3.6:
$ lsof -U | grep soffice
soffice.b 30094 gg 6u unix 0xf4440b40 0t0 116738 socket
soffice.b 30094 gg 10u unix 0xf4441d40 0t0 116742
/tmp/OSL_PIPE_1000_SingleOfficeIPC_5d6a40e77981cf59bf3a90df38dfa5f7
soffice.b 30094 gg 27u unix 0xf44406c0 0t0 116776 socket
soffice.b 30094 gg 28u unix 0xf4441680 0t0 116778 socket
soffice.b 30094 gg 33u unix 0xdb205680 0t0 116782 socket
$ rkhunter --version
Rootkit Hunter 1.4.0
No warnings regarding anything 'soffice' in the rkhunter logs.
--
For unsubscribe instructions e-mail to: users+help@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted
Context
Privacy Policy |
Impressum (Legal Info) |
Copyright information: Unless otherwise specified, all text and images
on this website are licensed under the
Creative Commons Attribution-Share Alike 3.0 License.
This does not include the source code of LibreOffice, which is
licensed under the Mozilla Public License (
MPLv2).
"LibreOffice" and "The Document Foundation" are
registered trademarks of their corresponding registered owners or are
in actual use as trademarks in one or more countries. Their respective
logos and icons are also subject to international copyright laws. Use
thereof is explained in our
trademark policy.