svn commit: r445088 - in head/security: . hardening-check
Kurt Jaeger
pi at FreeBSD.org
Wed Jul 5 18:02:04 UTC 2017
Author: pi
Date: Wed Jul 5 18:02:02 2017
New Revision: 445088
URL: https://svnweb.freebsd.org/changeset/ports/445088
Log:
New port: security/hardening-check
Check binaries for security hardening features
Hardening-check is a perl script to verify that the resulting binary
does, in fact, have hardening features enabled, you can use it to
test each ELF binary and the output will show if the binary has
position independent executable, stack protected, fortify source
functions(not supported on FreeBSD now), read only relocations or
immediate binding supported.
WWW: https://wiki.debian.org/Hardening
PR: 220245
Submitted by: amutu at amutu.com
Added:
head/security/hardening-check/
head/security/hardening-check/Makefile (contents, props changed)
head/security/hardening-check/distinfo (contents, props changed)
head/security/hardening-check/pkg-descr (contents, props changed)
Modified:
head/security/Makefile
Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile Wed Jul 5 17:20:56 2017 (r445087)
+++ head/security/Makefile Wed Jul 5 18:02:02 2017 (r445088)
@@ -201,6 +201,7 @@
SUBDIR += gwee
SUBDIR += hackbot
SUBDIR += hamachi
+ SUBDIR += hardening-check
SUBDIR += hashcat
SUBDIR += hashcat-legacy
SUBDIR += heimdal
Added: head/security/hardening-check/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/hardening-check/Makefile Wed Jul 5 18:02:02 2017 (r445088)
@@ -0,0 +1,34 @@
+# Created by: Jov <amutu at amutu.com>
+# $FreeBSD$
+
+PORTNAME= hardening-check
+PORTVERSION= 2.6
+CATEGORIES= security
+MASTER_SITES= http://http.debian.net/debian/pool/main/h/hardening-wrapper/
+DISTNAME= hardening-wrapper_${PORTVERSION}
+
+MAINTAINER= amutu at amutu.com
+COMMENT= Check binaries for security hardening features
+
+LICENSE= GPLv2+
+
+USES= tar:xz shebangfix perl5
+
+SHEBANG_LANG= perl
+SHEBANG_FILES= ${PORTNAME}
+
+NO_BUILD= yes
+PLIST_FILES= bin/${PORTNAME}
+
+WRKSRC= ${WRKDIR}/hardening-wrapper
+
+post-patch:
+ ${REINPLACE_CMD} -e 's/die "List of libc functions not defined/#&/' \
+ -e 's/^libc./& Not supported on FreeBSD now./' \
+ -e 's/against glibc)./& This function is currently Not supported on FreeBSD./' \
+ ${WRKSRC}/${PORTNAME}
+
+do-install:
+ ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/
+
+.include <bsd.port.mk>
Added: head/security/hardening-check/distinfo
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/hardening-check/distinfo Wed Jul 5 18:02:02 2017 (r445088)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1498272039
+SHA256 (hardening-wrapper_2.6.tar.xz) = c5fc46439646d0929a0605e4f3db67e57eefbbf5ceec5a2888440dbdf4450224
+SIZE (hardening-wrapper_2.6.tar.xz) = 19436
Added: head/security/hardening-check/pkg-descr
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/security/hardening-check/pkg-descr Wed Jul 5 18:02:02 2017 (r445088)
@@ -0,0 +1,8 @@
+Hardening-check is a perl script to verify that the resulting binary
+does, in fact, have hardening features enabled, you can use it to
+test each ELF binary and the output will show if the binary has
+position independent executable, stack protected, fortify source
+functions(not supported on FreeBSD now), read only relocations or
+immediate binding supported.
+
+WWW: https://wiki.debian.org/Hardening
More information about the svn-ports-all
mailing list