Date: Sat, 2 Jan 1999 23:41:16 +0200 (EET)
From: snar@paranoia.ru
To: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: ports/9279: new port submission - libparanoia.
Message-ID: <199901022141.XAA11931@unicorn.carrier.kiev.ua>

>Number: 9279
>Category: ports
>Synopsis: new port submission - libparanoia.
>Confidential: yes
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Jan 2 13:50:00 PST 1999
>Last-Modified:
>Originator:
>Organization:
Confidential: no
Synopsis: new port submission - libparanoia
>Release: FreeBSD 2.2.5-STABLE i386
>Environment:
>Description:
Just a new port submission - libparanoia. That is a security-related
library, which provides safe (in mean of stack smashing) incarnations
of strcpy/strcat et al.
>How-To-Repeat:
>Fix:
# This is a shell archive. Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file". Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
# libparanoia
# libparanoia/Makefile
# libparanoia/files
# libparanoia/files/md5
# libparanoia/pkg
# libparanoia/pkg/COMMENT
# libparanoia/pkg/DESCR
# libparanoia/pkg/PLIST
#
echo c - libparanoia
mkdir -p libparanoia > /dev/null 2>&1
echo x - libparanoia/Makefile
sed 's/^X//' >libparanoia/Makefile << 'END-of-libparanoia/Makefile'
X# New ports collection makefile for: libparanoia
X# Version required: 1.3
X# Date created: 1 Jan 1999
X# Whom: Alexandre Snarskii <snar@paranoia.ru>
X#
X# $Id: Makefile,v 1.3 1999/01/02 20:17:32 snar Exp $
X
XDISTNAME=libparanoia-1.3
XCATEGORIES=security
XMASTER_SITES=ftp://ftp.lexa.ru/pub/domestic/snar/
X
XMAINTAINER=snar@paranoia.ru
X
XNOMAN=yet
X
X# this library depends on system-defined headers "SYS.h" and "DEFS.h"
X# which may differ from release to release.
X
Xpre-build:
X	@echo "------------------------------------------------------------"
X	@echo "You need to have libc sources installed in /usr/src/lib/libc"
X	@echo "before compiling. If they are not installed - install them,"
X	@echo "or, if they installed in another place - edit"
X	@echo "work/${DISTNAME}/Makefile to set a proper place"
X	@echo "------------------------------------------------------------"
X
X.include <bsd.port.mk>
END-of-libparanoia/Makefile
echo c - libparanoia/files
mkdir -p libparanoia/files > /dev/null 2>&1
echo x - libparanoia/files/md5
sed 's/^X//' >libparanoia/files/md5 << 'END-of-libparanoia/files/md5'
XMD5 (libparanoia-1.3.tar.gz) = cfd5687f8e315124e2c72640a723c0a6
END-of-libparanoia/files/md5
echo c - libparanoia/pkg
mkdir -p libparanoia/pkg > /dev/null 2>&1
echo x - libparanoia/pkg/COMMENT
sed 's/^X//' >libparanoia/pkg/COMMENT << 'END-of-libparanoia/pkg/COMMENT'
XSafe (in the mean of stack smashing) reincarnation of strcpy et al.
END-of-libparanoia/pkg/COMMENT
echo x - libparanoia/pkg/DESCR
sed 's/^X//' >libparanoia/pkg/DESCR << 'END-of-libparanoia/pkg/DESCR'
XThis is a library, which contains a safe reincarnations
Xof strcpy/strcat/sprintf and some other functions,
Xwhich is known to be a source to 99% of stack smashing
Xattacks since Morrison Worm.
X
XBasic idea is: these functions never return in case
Xof modified stack frames. Instead, they kills current
Xprocess with SIG_SEGV, and, in case when program
Xjust ignores it - calls exit(2). In 'paranoidal'
Xpoint of view, termination of a process is a much
Xless worth, than possible incorrect continuation.
X
XThis library can be used in two ways - you can just
Xinstall it as a port/package, and then relink critical
Xapplications (such as a network daemons) with
X-lparanoia -L/usr/local/lib, or you can override
Xstandard functions in libc (using libparanoia/copy-to-libc
Xshell script) - in this case you'll get any application,
Xwhich uses shared libc, automatically protected.
X
Xhttp://www.lexa.ru/snar/libparanoia/
X--
XAlexandre Snarskii <snar@paranoia.ru>. Baltika-3 is better :)
END-of-libparanoia/pkg/DESCR
echo x - libparanoia/pkg/PLIST
sed 's/^X//' >libparanoia/pkg/PLIST << 'END-of-libparanoia/pkg/PLIST'
Xlib/libparanoia.a
Xlib/libparanoia_p.a
Xlib/libparanoia.so.1.3
X@exec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -m
X@unexec /usr/bin/env OBJFORMAT=%%PORTOBJFORMAT%% /sbin/ldconfig -R
END-of-libparanoia/pkg/PLIST
exit
>Audit-Trail:
>Unformatted:
Originator: Alexandre Snarskii
Class: change-request
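
Added example (not part of the original message and not libparanoia's source): a small C model of the behaviour pkg/DESCR describes, where a copy that modifies saved frame data raises SIGSEGV and falls back to exit status 2 when the signal is ignored. The names struct frame, paranoid_strcpy and run_case are hypothetical, and the frame is a constructed stand-in for a real stack frame.

```c
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stand-in for a caller's stack frame (assumption of this
 * example; the real library inspects the actual frame). */
struct frame {
    char buf[8];            /* local buffer */
    uintptr_t saved_ret;    /* models the saved return address */
};

/* strcpy-like copy with no check against buf's size, then the fail-stop
 * check from pkg/DESCR: never return if the frame was modified. */
static char *paranoid_strcpy(struct frame *f, const char *src) {
    uintptr_t before = f->saved_ret;
    char *d = (char *)f;    /* buf is the first member, offset 0 */
    for (size_t i = 0; i < sizeof *f; i++) {  /* bounded only by the model */
        d[i] = src[i];
        if (src[i] == '\0') break;
    }
    if (f->saved_ret != before) {
        raise(SIGSEGV);     /* default action kills the process */
        _exit(2);           /* only reached when SIGSEGV is ignored */
    }
    return f->buf;
}

/* Run one copy in a child: returns its exit status, or minus the number of
 * the signal that killed it (-1000 if fork or waitpid failed). */
int run_case(const char *src, int ignore_segv) {
    int st;
    pid_t pid = fork();
    if (pid == 0) {
        struct frame f = { "", 0x1234 };
        signal(SIGSEGV, ignore_segv ? SIG_IGN : SIG_DFL);
        paranoid_strcpy(&f, src);
        _exit(0);           /* the copy returned: frame was intact */
    }
    if (pid < 0 || waitpid(pid, &st, 0) < 0) return -1000;
    return WIFSIGNALED(st) ? -WTERMSIG(st) : WEXITSTATUS(st);
}

int main(void) {
    printf("%d %d %d\n", run_case("ok", 0),
           run_case("AAAAAAAAAAAA", 0), run_case("AAAAAAAAAAAA", 1));
    return 0;
}
```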