svn commit: r445088 - in head/security: . hardening-check

Kurt Jaeger pi at FreeBSD.org
Wed Jul 5 18:02:04 UTC 2017 

Author: pi
Date: Wed Jul  5 18:02:02 2017
New Revision: 445088
URL: https://svnweb.freebsd.org/changeset/ports/445088

Log:
  New port: security/hardening-check
  
  Check binaries for security hardening features
  
  Hardening-check is a perl script to verify that the resulting binary
  does, in fact, have hardening features enabled, you can use it to
  test each ELF binary and the output will show if the binary has
  position independent executable, stack protected, fortify source
  functions(not supported on FreeBSD now), read only relocations or
  immediate binding supported.
  
  WWW: https://wiki.debian.org/Hardening
  
  PR:		220245
  Submitted by:	amutu at amutu.com

Added:
  head/security/hardening-check/
  head/security/hardening-check/Makefile   (contents, props changed)
  head/security/hardening-check/distinfo   (contents, props changed)
  head/security/hardening-check/pkg-descr   (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Wed Jul  5 17:20:56 2017	(r445087)
+++ head/security/Makefile	Wed Jul  5 18:02:02 2017	(r445088)
@@ -201,6 +201,7 @@
     SUBDIR += gwee
     SUBDIR += hackbot
     SUBDIR += hamachi
+    SUBDIR += hardening-check
     SUBDIR += hashcat
     SUBDIR += hashcat-legacy
     SUBDIR += heimdal

Added: head/security/hardening-check/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/hardening-check/Makefile	Wed Jul  5 18:02:02 2017	(r445088)
@@ -0,0 +1,34 @@
+# Created by: Jov <amutu at amutu.com>
+# $FreeBSD$
+
+PORTNAME=	hardening-check
+PORTVERSION=	2.6
+CATEGORIES=	security
+MASTER_SITES=	http://http.debian.net/debian/pool/main/h/hardening-wrapper/
+DISTNAME=	hardening-wrapper_${PORTVERSION}
+
+MAINTAINER=	amutu at amutu.com
+COMMENT=	Check binaries for security hardening features
+
+LICENSE=	GPLv2+
+
+USES=		tar:xz shebangfix perl5
+
+SHEBANG_LANG=	perl
+SHEBANG_FILES=	${PORTNAME}
+
+NO_BUILD=	yes
+PLIST_FILES=	bin/${PORTNAME}
+
+WRKSRC=		${WRKDIR}/hardening-wrapper
+
+post-patch:
+	${REINPLACE_CMD} -e 's/die "List of libc functions not defined/#&/' \
+		-e 's/^libc./& Not supported on FreeBSD now./' \
+		-e 's/against glibc)./& This function is currently Not supported on FreeBSD./' \
+		${WRKSRC}/${PORTNAME}
+
+do-install:
+	${INSTALL_SCRIPT} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/
+
+.include <bsd.port.mk>

Added: head/security/hardening-check/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/hardening-check/distinfo	Wed Jul  5 18:02:02 2017	(r445088)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1498272039
+SHA256 (hardening-wrapper_2.6.tar.xz) = c5fc46439646d0929a0605e4f3db67e57eefbbf5ceec5a2888440dbdf4450224
+SIZE (hardening-wrapper_2.6.tar.xz) = 19436

Added: head/security/hardening-check/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/hardening-check/pkg-descr	Wed Jul  5 18:02:02 2017	(r445088)
@@ -0,0 +1,8 @@
+Hardening-check is a perl script to verify that the resulting binary
+does, in fact, have hardening features enabled, you can use it to
+test each ELF binary and the output will show if the binary has
+position independent executable, stack protected, fortify source
+functions(not supported on FreeBSD now), read only relocations or
+immediate binding supported.
+
+WWW: https://wiki.debian.org/Hardening

More information about the svn-ports-head mailing list