Is having a hidden directory under /etc safe?

Yes, that's safe. There's nothing inherently insecure about having a hidden directory under /etc. The only reason rkhunter flags it is that it's uncommon for legitimate programs to do it, and when malware does it, it makes it less likely that you'd otherwise notice it.


It is safe in the sense that no, it will not make the system unstable, nor will it make it vulnerable from a security standpoint.

That said, as MechMK1 points out, the only reason to use hidden directories is so that it doesn't fill the user directories with fluff they don't care about. The /etc directory, on the other hand is meant to contain such fluff, so I don't see why you'd want to hide it.

For this reason, it's not an expected action and rkhunter flags it as something suspicious that only malware would do. But you can totally do it too, if you so wish.

Tags:

Linux

Debian