Not sure if the following belongs in this category ( or even if Manjaro is responsible for this):
The krb5
package installs 2 man pages in /usr/share/man/man5
as a .
file, which somewhat obfuscates its location. The file name in full is .k5identity.5.gz
and .k5login.5.gz
. While it is understandable the reasoning behind this file naming convention was chosen (since both man pages cover the relevent .
files that can be found in a $HOME
directory) it still seems to me ill advised since it would not listed on a cursory ls
of the directory in question. (Nor am I sure I would have had the sense to pre-pend the .
were I looking for these man pages. I only noticed this after running rkhunter
on the system.
That being said, these files are not malicious whatsoever. They are legitimate man pages.
Another thing of note: fgrep
and egrep
found in /usr/bin
are scripts apparently. While innocuous, I could see this providing a security weakness (albeit, one not likely to be exploited). Wouldn’t it be better served as an alias? (this is from the grep
package.