The current set-up is consistent with the upstream projects feelings on the subject. Let it detect them but hint it may be ok by putting common whitelists commented out in the conf file.
I wonder if it's possible to pop up some kind of warning message at install time - 'rkhunter is installed but a manual review of the settings will be required on most systems' -- rkhunter reports hidden directories under /dev https://bugs.launchpad.net/bugs/219840 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs