On Sunday 09 April 2006 04:54, Rick Friedman wrote: > I run chkrootkit daily. Today it has found a file it calls, "suspicious". > The file is a zero byte, hidden file. The path is > /usr/lib/xulrunner/.autoreg > > After seeing this warning, I also ran rkhunter (rootkit hunter). The > report from rkhunter comes up clean. It does not flag the .autoreg file > (or any file for that matter). > > I am running sid and I believe that the .autoreg file may come from the > libxul0d package. > > Is this a legitimate file or something I should be concerned about? I > tend to think chkrootkit flagged it simply because it's hidden and zero > bytes. I don't think it's really a threat but I want to make certain. > > Any help is appreciated. Thanks. > > Rick
I am running a 5-day old sid installation and have this .autoreg file, as well. I couldn't find any other information online regarding this file, but seeing as how the file's mtime is a few seconds after the other file's mtimes, this file was probably generated when some package was configured, most likely libxul0d. Adam -- "Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions." Terry Pratchett, The Truth -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]