Import of security/libparanoia 1.3

This is a library, which contains a safe reincarnations
of strcpy/strcat/sprintf and some other functions,
which is known to be a source to 99% of stack smashing
attacks since Morrison Worm.

PR:		ports/9279
Submitted by:	Alexandre Snarskii <snar@paranoia.ru>

5 files changed, 53 insertions, 0 deletions

diff --git a/security/libparanoia/Makefile b/security/libparanoia/Makefile
new file mode 100644
index 000000000000..1483dd99030b
--- /dev/null
+++ b/security/libparanoia/Makefile
@@ -0,0 +1,22 @@
+# New ports collection makefile for:	libparanoia
+# Version required:			1.3
+# Date created:				1 Jan 1999
+# Whom:					Alexandre Snarskii <snar@paranoia.ru>
+#
+# $Id$
+
+DISTNAME=	libparanoia-1.3
+CATEGORIES=	security
+MASTER_SITES=	ftp://ftp.lexa.ru/pub/domestic/snar/
+
+MAINTAINER=	snar@paranoia.ru
+
+# this library depends on system-defined headers "SYS.h" and "DEFS.h"
+# which may differ from release to release.
+
+.if !exists(/usr/src/lib/libc)
+BROKEN=		You need to have libc sources installed in /usr/src/lib/libc \
+		before compiling.
+.endif
+
+.include <bsd.port.mk>
diff --git a/security/libparanoia/distinfo b/security/libparanoia/distinfo
new file mode 100644
index 000000000000..024964b667af
--- /dev/null
+++ b/security/libparanoia/distinfo
@@ -0,0 +1 @@
+MD5 (libparanoia-1.3.tar.gz) = cfd5687f8e315124e2c72640a723c0a6
diff --git a/security/libparanoia/pkg-comment b/security/libparanoia/pkg-comment
new file mode 100644
index 000000000000..12b61ae577dd
--- /dev/null
+++ b/security/libparanoia/pkg-comment
@@ -0,0 +1 @@
+Safe (in the mean of stack smashing) reincarnation of strcpy et al.
diff --git a/security/libparanoia/pkg-descr b/security/libparanoia/pkg-descr
new file mode 100644
index 000000000000..d20ec5dd7d44
--- /dev/null
+++ b/security/libparanoia/pkg-descr
@@ -0,0 +1,23 @@
+This is a library, which contains a safe reincarnations
+of strcpy/strcat/sprintf and some other functions,
+which is known to be a source to 99% of stack smashing 
+attacks since Morrison Worm. 
+
+Basic idea is: these functions never return in case 
+of modified stack frames. Instead, they kills current
+process with SIG_SEGV, and, in case when program 
+just ignores it - calls exit(2). In 'paranoidal'
+point of view, termination of a process is a much 
+less worth, than possible incorrect continuation.
+
+This library can be used in two ways - you can just 
+install it as a port/package, and then relink critical
+applications (such as a network daemons) with 
+-lparanoia -L/usr/local/lib, or you can override
+standard functions in libc (using libparanoia/copy-to-libc 
+shell script) - in this case you'll get any application,
+which uses shared libc, automatically protected.
+
+http://www.lexa.ru/snar/libparanoia/
+-- 
+Alexandre Snarskii <snar@paranoia.ru>. 	Baltika-3 is better :)
diff --git a/security/libparanoia/pkg-plist b/security/libparanoia/pkg-plist
new file mode 100644
index 000000000000..d1546f8b57af
--- /dev/null
+++ b/security/libparanoia/pkg-plist
@@ -0,0 +1,6 @@
+lib/libparanoia.a
+lib/libparanoia_p.a
+lib/libparanoia.so
+lib/libparanoia.so.1.3
+@exec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -m
+@unexec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -R