Date: Wed, 5 Jul 2017 18:02:03 +0000 (UTC) From: Kurt Jaeger <pi@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r445088 - in head/security: . hardening-check Message-ID: <201707051802.v65I232R029892@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: pi Date: Wed Jul 5 18:02:02 2017 New Revision: 445088 URL: https://svnweb.freebsd.org/changeset/ports/445088 Log: New port: security/hardening-check Check binaries for security hardening features Hardening-check is a perl script to verify that the resulting binary does, in fact, have hardening features enabled, you can use it to test each ELF binary and the output will show if the binary has position independent executable, stack protected, fortify source functions(not supported on FreeBSD now), read only relocations or immediate binding supported. WWW: https://wiki.debian.org/Hardening PR: 220245 Submitted by: amutu@amutu.com Added: head/security/hardening-check/ head/security/hardening-check/Makefile (contents, props changed) head/security/hardening-check/distinfo (contents, props changed) head/security/hardening-check/pkg-descr (contents, props changed) Modified: head/security/Makefile Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Wed Jul 5 17:20:56 2017 (r445087) +++ head/security/Makefile Wed Jul 5 18:02:02 2017 (r445088) @@ -201,6 +201,7 @@ SUBDIR += gwee SUBDIR += hackbot SUBDIR += hamachi + SUBDIR += hardening-check SUBDIR += hashcat SUBDIR += hashcat-legacy SUBDIR += heimdal Added: head/security/hardening-check/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/hardening-check/Makefile Wed Jul 5 18:02:02 2017 (r445088) @@ -0,0 +1,34 @@ +# Created by: Jov <amutu@amutu.com> +# $FreeBSD$ + +PORTNAME= hardening-check +PORTVERSION= 2.6 +CATEGORIES= security +MASTER_SITES= http://http.debian.net/debian/pool/main/h/hardening-wrapper/ +DISTNAME= hardening-wrapper_${PORTVERSION} + +MAINTAINER= amutu@amutu.com +COMMENT= Check binaries for security hardening features + +LICENSE= GPLv2+ + +USES= tar:xz shebangfix perl5 + +SHEBANG_LANG= perl +SHEBANG_FILES= ${PORTNAME} + +NO_BUILD= yes +PLIST_FILES= bin/${PORTNAME} + +WRKSRC= ${WRKDIR}/hardening-wrapper + +post-patch: + ${REINPLACE_CMD} -e 's/die "List of libc functions not defined/#&/' \ + -e 's/^libc./& Not supported on FreeBSD now./' \ + -e 's/against glibc)./& This function is currently Not supported on FreeBSD./' \ + ${WRKSRC}/${PORTNAME} + +do-install: + ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/ + +.include <bsd.port.mk> Added: head/security/hardening-check/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/hardening-check/distinfo Wed Jul 5 18:02:02 2017 (r445088) @@ -0,0 +1,3 @@ +TIMESTAMP = 1498272039 +SHA256 (hardening-wrapper_2.6.tar.xz) = c5fc46439646d0929a0605e4f3db67e57eefbbf5ceec5a2888440dbdf4450224 +SIZE (hardening-wrapper_2.6.tar.xz) = 19436 Added: head/security/hardening-check/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/hardening-check/pkg-descr Wed Jul 5 18:02:02 2017 (r445088) @@ -0,0 +1,8 @@ +Hardening-check is a perl script to verify that the resulting binary +does, in fact, have hardening features enabled, you can use it to +test each ELF binary and the output will show if the binary has +position independent executable, stack protected, fortify source +functions(not supported on FreeBSD now), read only relocations or +immediate binding supported. + +WWW: https://wiki.debian.org/Hardening
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201707051802.v65I232R029892>