rkhunter warning about /etc/.java /etc/.udev /etc/.initramfs

I am running Ubuntu 10.04.1 LTS . I am running rkhunter to check for rootkits.

rkhunter is complaining about the following hidden files and directories. I think these files are not a real problem on my system, but how can I check to see if these files are legitimate files?

[07:57:45]   Checking for hidden files and directories       [ Warning ]
[07:57:45] Warning: Hidden directory found: /etc/.java
[07:57:45] Warning: Hidden directory found: /dev/.udev
[07:57:45] Warning: Hidden directory found: /dev/.initramfs

Update

Turns out that these directories are specifically mentioned in /etc/rkhunter.conf , which suggests that this is a frequently asked rkhunter question. From rkhunter.conf :

#
# Allow the specified hidden directories.
# One directory per line (use multiple ALLOWHIDDENDIR lines).
#
#ALLOWHIDDENDIR=/etc/.java
#ALLOWHIDDENDIR=/dev/.udev
#ALLOWHIDDENDIR=/dev/.udevdb
#ALLOWHIDDENDIR=/dev/.udev.tdb
#ALLOWHIDDENDIR=/dev/.static
#ALLOWHIDDENDIR=/dev/.initramfs
#ALLOWHIDDENDIR=/dev/.SRC-unix
#ALLOWHIDDENDIR=/dev/.mdadm

Solution 1:

Basically ask Google, but those 3 are not dangerous!

/etc/.java is created by sun-java (and possible also by OpenJDK) /dev/.udev is created by the udevd daemon /dev/.initramfs is if I remember correctly where the initial ram filesystem is mounted during the system boot process.