Name: checksec Version: 1.5 Release: 3%{?dist}.art Summary: Tool to check system for binary-hardening Group: Development/Tools License: BSD URL: http://www.trapkit.de/tools/%{name}.html Source0: http://www.trapkit.de/tools/%{name}.sh Source1: http://www.trapkit.de/tools/%{name}_changes.txt %{?el5:BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)} BuildArch: noarch Requires: binutils %description Modern Linux distributions offer some mitigation techniques to make it harder to exploit software vulnerabilities reliably. Mitigations such as RELRO, NoExecute (NX), Stack Canaries, Address Space Layout Randomization (ASLR) and Position Independent Executables (PIE) have made reliably exploiting any vulnerabilities that do exist far more challenging. The checksec script is designed to test what *standard* Linux OS and PaX (http://pax.grsecurity.net/) security features are being used. As of version 1.3 the script also lists the status of various Linux kernel protection mechanisms. %{name} can check binary-files and running processes for hardening features. %prep mkdir -p build %build install -pm 0644 %{SOURCE1} build/ChangeLog %install %{?el5:rm -rf %{buildroot}} mkdir -p %{buildroot}%{_bindir} install -pm 0755 %{SOURCE0} %{buildroot}%{_bindir}/%{name} %clean %{?el5:rm -rf %{buildroot}} %files %doc build/ChangeLog %{_bindir}/%{name} %changelog * Sat Aug 03 2013 Fedora Release Engineering - 1.5-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild * Wed Jun 12 2013 Björn Esser - 1.5-2 - added stuff for el5-build * Tue Jun 11 2013 Björn Esser - 1.5-1 - Initial rpm release