From e1f45203f203a5c9143d58cde7a187908cad9a06 Mon Sep 17 00:00:00 2001
From: "Justin M. Seger"
Date: Sat, 10 Apr 1999 13:12:12 +0000
Subject: Import of security/libparanoia 1.3

This is a library, which contains a safe reincarnations of strcpy/strcat/sprintf and some other functions, which is known to be a source to 99% of stack smashing attacks since Morrison Worm.
PR: ports/9279
Submitted by: Alexandre Snarskii
---
security/libparanoia/Makefile | 22 ++++++++++++++++++++++
security/libparanoia/distinfo | 1 +
security/libparanoia/pkg-comment | 1 +
security/libparanoia/pkg-descr | 23 +++++++++++++++++++++++
security/libparanoia/pkg-plist | 6 ++++++
5 files changed, 53 insertions(+)
create mode 100644 security/libparanoia/Makefile
create mode 100644 security/libparanoia/distinfo
create mode 100644 security/libparanoia/pkg-comment
create mode 100644 security/libparanoia/pkg-descr
create mode 100644 security/libparanoia/pkg-plist
diff --git a/security/libparanoia/Makefile b/security/libparanoia/Makefile
new file mode 100644
index 000000000000..1483dd99030b
--- /dev/null
+++ b/security/libparanoia/Makefile
@@ -0,0 +1,22 @@
+# New ports collection makefile for: libparanoia
+# Version required: 1.3
+# Date created: 1 Jan 1999
+# Whom: Alexandre Snarskii
+#
+# $Id$
+
+DISTNAME= libparanoia-1.3
+CATEGORIES= security
+MASTER_SITES= ftp://ftp.lexa.ru/pub/domestic/snar/
+
+MAINTAINER= snar@paranoia.ru
+
+# this library depends on system-defined headers "SYS.h" and "DEFS.h"
+# which may differ from release to release.
+
+.if !exists(/usr/src/lib/libc)
+BROKEN= You need to have libc sources installed in /usr/src/lib/libc \
+ before compiling.
+.endif
+
+.include
diff --git a/security/libparanoia/distinfo b/security/libparanoia/distinfo
new file mode 100644
index 000000000000..024964b667af
--- /dev/null
+++ b/security/libparanoia/distinfo
@@ -0,0 +1 @@
+MD5 (libparanoia-1.3.tar.gz) = cfd5687f8e315124e2c72640a723c0a6
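Review bot: The `.if !exists(/usr/src/lib/libc)` guard only tests that a directory is present, while the comment above it says the build needs the system headers "SYS.h" and "DEFS.h", which differ from release to release. A source tree that lacks those headers, or that belongs to a different release than the installed system, passes the guard, and the port then either fails later or builds against definitions that do not match the running libc. Test for the headers themselves rather than the directory (their exact location below `/usr/src/lib/libc` is not shown on this page, so confirm the path), and extend the comment to say `# The libc sources must be from the same release as the installed system; SYS.h and DEFS.h are taken from them.`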
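Review bot: The MD5 line added here is the only integrity check on `libparanoia-1.3.tar.gz`, and the Makefile fetches that tarball over plain FTP from a single `MASTER_SITES` entry, so nothing authenticates the origin of the code. That matters more than usual for this port, because pkg-descr describes relinking network daemons against the library or copying it over functions in libc. MD5 does not resist collision attacks; record a stronger digest alongside it, e.g. `SHA256 (libparanoia-1.3.tar.gz) = <sha256 of a tarball whose origin was checked>` (placeholder, not a real value), computed from a copy obtained over an authenticated channel or compared with the author.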
diff --git a/security/libparanoia/pkg-comment b/security/libparanoia/pkg-comment
new file mode 100644
index 000000000000..12b61ae577dd
--- /dev/null
+++ b/security/libparanoia/pkg-comment
@@ -0,0 +1 @@
+Safe (in the mean of stack smashing) reincarnation of strcpy et al.
diff --git a/security/libparanoia/pkg-descr b/security/libparanoia/pkg-descr
new file mode 100644
index 000000000000..d20ec5dd7d44
--- /dev/null
+++ b/security/libparanoia/pkg-descr
@@ -0,0 +1,23 @@
+This is a library, which contains a safe reincarnations
+of strcpy/strcat/sprintf and some other functions,
+which is known to be a source to 99% of stack smashing
+attacks since Morrison Worm.
+
+Basic idea is: these functions never return in case
+of modified stack frames. Instead, they kills current
+process with SIG_SEGV, and, in case when program
+just ignores it - calls exit(2). In 'paranoidal'
+point of view, termination of a process is a much
+less worth, than possible incorrect continuation.
+
+This library can be used in two ways - you can just
+install it as a port/package, and then relink critical
+applications (such as a network daemons) with
+-lparanoia -L/usr/local/lib, or you can override
+standard functions in libc (using libparanoia/copy-to-libc
+shell script) - in this case you'll get any application,
+which uses shared libc, automatically protected.
+
+http://www.lexa.ru/snar/libparanoia/
+--
+Alexandre Snarskii . Baltika-3 is better :)
diff --git a/security/libparanoia/pkg-plist b/security/libparanoia/pkg-plist
new file mode 100644
index 000000000000..d1546f8b57af
--- /dev/null
+++ b/security/libparanoia/pkg-plist
@@ -0,0 +1,6 @@
+lib/libparanoia.a
+lib/libparanoia_p.a
+lib/libparanoia.so
+lib/libparanoia.so.1.3
+@exec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -m
+@unexec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -R
--
cgit v1.2.3
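Review bot: The `@exec` line runs `/sbin/ldconfig -m` without naming the directory the libraries were just installed into, so `lib/libparanoia.so.1.3` is presumably registered only if that directory is already recorded in the hints file from an earlier ldconfig run. On a system where it is not, programs linked against the shared library would fail to resolve it until ldconfig is run by hand. Pass the install directory explicitly, `@exec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -m %D/lib`, so that registration does not depend on prior state.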