]>
Commit | Line | Data |
---|---|---|
a52bee30 ER |
1 | Summary: Tool to check system for binary-hardening |
2 | Name: checksec | |
3 | Version: 1.5 | |
4 | Release: 1 | |
5 | License: BSD | |
6 | Group: Development/Tools | |
7 | Source0: http://www.trapkit.de/tools/%{name}.sh | |
8 | # Source0-md5: 075996be339ab16ad7b94d6de3ee07bd | |
9 | Source1: http://www.trapkit.de/tools/%{name}_changes.txt | |
10 | # Source1-md5: 03a45df6ac588603c6191dc0a4883531 | |
11 | URL: http://www.trapkit.de/tools/checksec.html | |
12 | Requires: binutils | |
13 | BuildArch: noarch | |
14 | BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) | |
15 | ||
16 | %description | |
17 | Modern Linux distributions offer some mitigation techniques to make it | |
18 | harder to exploit software vulnerabilities reliably. Mitigations such | |
19 | as RELRO, NoExecute (NX), Stack Canaries, Address Space Layout | |
20 | Randomization (ASLR) and Position Independent Executables (PIE) have | |
21 | made reliably exploiting any vulnerabilities that do exist far more | |
22 | challenging. | |
23 | ||
24 | The checksec script is designed to test what *standard* Linux OS and | |
25 | PaX <http://pax.grsecurity.net/> security features are being used. | |
26 | ||
27 | As of version 1.3 the script also lists the status of various Linux | |
28 | kernel protection mechanisms. | |
29 | ||
30 | checksec can check binary-files and running processes for hardening | |
31 | features. | |
32 | ||
33 | %prep | |
34 | cp -p %{SOURCE1} ChangeLog | |
35 | ||
36 | %install | |
37 | rm -rf $RPM_BUILD_ROOT | |
38 | install -d $RPM_BUILD_ROOT%{_bindir} | |
39 | install -p %{SOURCE0} $RPM_BUILD_ROOT%{_bindir}/%{name} | |
40 | ||
41 | %clean | |
42 | rm -rf $RPM_BUILD_ROOT | |
43 | ||
44 | %files | |
45 | %defattr(644,root,root,755) | |
46 | %doc ChangeLog | |
47 | %attr(755,root,root) %{_bindir}/%{name} |