Quote:
Searching for suspect PHP files...
/tmp/SBo/package-wxPython/usr/lib64/python2.6/site-packages/wx-2.8-gtk2-unicode/wx/tools/Editra/tests/syntax/php.php
/tmp/SBo/wxPython-src-2.8.11.0/wxPython/wx/tools/Editra/tests/syntax/php.php
|
Quote:
Originally Posted by Konphine
I asked if this means it's infected or not since this was my first time using chkrootkit. Also if it says it wasn't scanned because something wasn't executable, does that also mean that program/file is infected too?
|
I also get those warnings from chkrootkit once in a while. Last time I was checking some php functions and created a file,
/tmp/test.php, and chkrootkit gave me the same warning you're getting.
It seems you installed wxPython from slackbuilds.org, the php file reported by chkrootkit is in the temporary build directory.
I also have wxPython installed and just checked that file, don't worry about it, it's part of the wxPython package. Actually it's part of the
Editra package that wxPython includes. Specifically, it is a test file related to syntax highlighting.
After installing the wxPython package, you can have a look at the file in your system:
Code:
$ less /usr/lib64/python2.6/site-packages/wx-2.8-gtk2-unicode/wx/tools/Editra/tests/syntax/php.php