/lib/libkeyutils.so.1.9 is not an exploit
Posted: 22 Sep 2019, 14:23
This file is part of keyutils, part of the Linux kernel. If lfd is not checking the hash of the file matches a compromised version (it doesn't), then don't report it. This library has been around and been installed for years. Only when I updated to the 1.9 so version of keyutils yesterday did lfd start spamming me with emails about it. I hate to ignore a file that I might actually want to notice if it changes without me upgrading a package.lfd wrote:Possible root compromise: File /lib64/libkeyutils.so.1.9 exists and /lib/libkeyutils.so.1.9 exists.
For more information see: http://www.webhostingtalk.com/showthread.php?t=1235797