svn commit: r445088 - in head/security: . hardening-check
Ultima
ultima1252 at gmail.com
Wed Jul 5 18:13:28 UTC 2017
The MASTER_SITES should be changed to the DEBIAN pool.
On Wed, Jul 5, 2017 at 11:02 AM, Kurt Jaeger <pi at freebsd.org> wrote:
> Author: pi
> Date: Wed Jul 5 18:02:02 2017
> New Revision: 445088
> URL: https://svnweb.freebsd.org/changeset/ports/445088
>
> Log:
> New port: security/hardening-check
>
> Check binaries for security hardening features
>
> Hardening-check is a perl script to verify that the resulting binary
> does, in fact, have hardening features enabled, you can use it to
> test each ELF binary and the output will show if the binary has
> position independent executable, stack protected, fortify source
> functions(not supported on FreeBSD now), read only relocations or
> immediate binding supported.
>
> WWW: https://wiki.debian.org/Hardening
>
> PR: 220245
> Submitted by: amutu at amutu.com
>
> Added:
> head/security/hardening-check/
> head/security/hardening-check/Makefile (contents, props changed)
> head/security/hardening-check/distinfo (contents, props changed)
> head/security/hardening-check/pkg-descr (contents, props changed)
> Modified:
> head/security/Makefile
>
> Modified: head/security/Makefile
> ============================================================
> ==================
> --- head/security/Makefile Wed Jul 5 17:20:56 2017 (r445087)
> +++ head/security/Makefile Wed Jul 5 18:02:02 2017 (r445088)
> @@ -201,6 +201,7 @@
> SUBDIR += gwee
> SUBDIR += hackbot
> SUBDIR += hamachi
> + SUBDIR += hardening-check
> SUBDIR += hashcat
> SUBDIR += hashcat-legacy
> SUBDIR += heimdal
>
> Added: head/security/hardening-check/Makefile
> ============================================================
> ==================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/hardening-check/Makefile Wed Jul 5 18:02:02 2017
> (r445088)
> @@ -0,0 +1,34 @@
> +# Created by: Jov <amutu at amutu.com>
> +# $FreeBSD$
> +
> +PORTNAME= hardening-check
> +PORTVERSION= 2.6
> +CATEGORIES= security
> +MASTER_SITES= http://http.debian.net/debian/
> pool/main/h/hardening-wrapper/
> +DISTNAME= hardening-wrapper_${PORTVERSION}
> +
> +MAINTAINER= amutu at amutu.com
> +COMMENT= Check binaries for security hardening features
> +
> +LICENSE= GPLv2+
> +
> +USES= tar:xz shebangfix perl5
> +
> +SHEBANG_LANG= perl
> +SHEBANG_FILES= ${PORTNAME}
> +
> +NO_BUILD= yes
> +PLIST_FILES= bin/${PORTNAME}
> +
> +WRKSRC= ${WRKDIR}/hardening-wrapper
> +
> +post-patch:
> + ${REINPLACE_CMD} -e 's/die "List of libc functions not
> defined/#&/' \
> + -e 's/^libc./& Not supported on FreeBSD now./' \
> + -e 's/against glibc)./& This function is currently Not
> supported on FreeBSD./' \
> + ${WRKSRC}/${PORTNAME}
> +
> +do-install:
> + ${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/
> +
> +.include <bsd.port.mk>
>
> Added: head/security/hardening-check/distinfo
> ============================================================
> ==================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/hardening-check/distinfo Wed Jul 5 18:02:02 2017
> (r445088)
> @@ -0,0 +1,3 @@
> +TIMESTAMP = 1498272039
> +SHA256 (hardening-wrapper_2.6.tar.xz) = c5fc46439646d0929a0605e4f3db67
> e57eefbbf5ceec5a2888440dbdf4450224
> +SIZE (hardening-wrapper_2.6.tar.xz) = 19436
>
> Added: head/security/hardening-check/pkg-descr
> ============================================================
> ==================
> --- /dev/null 00:00:00 1970 (empty, because file is newly added)
> +++ head/security/hardening-check/pkg-descr Wed Jul 5 18:02:02 2017
> (r445088)
> @@ -0,0 +1,8 @@
> +Hardening-check is a perl script to verify that the resulting binary
> +does, in fact, have hardening features enabled, you can use it to
> +test each ELF binary and the output will show if the binary has
> +position independent executable, stack protected, fortify source
> +functions(not supported on FreeBSD now), read only relocations or
> +immediate binding supported.
> +
> +WWW: https://wiki.debian.org/Hardening
>
>
More information about the svn-ports-all
mailing list