Name:		checksec
Version:	1.5
Release:	3%{?dist}.art
Summary:	Tool to check system for binary-hardening
Group:		Development/Tools

License:	BSD
URL:		http://www.trapkit.de/tools/%{name}.html
Source0:	http://www.trapkit.de/tools/%{name}.sh
Source1:	http://www.trapkit.de/tools/%{name}_changes.txt

%{?el5:BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)}
BuildArch:	noarch
Requires:	binutils

%description
Modern Linux distributions offer some mitigation techniques to make it harder
to exploit software vulnerabilities reliably. Mitigations such as RELRO,
NoExecute (NX), Stack Canaries, Address Space Layout Randomization (ASLR) and
Position Independent Executables (PIE) have made reliably exploiting any
vulnerabilities that do exist far more challenging. The checksec script is
designed to test what *standard* Linux OS and PaX (http://pax.grsecurity.net/)
security features are being used.

As of version 1.3 the script also lists the status of various Linux kernel
protection mechanisms.

%{name} can check binary-files and running processes for hardening features.


%prep
mkdir -p build


%build
install -pm 0644 %{SOURCE1} build/ChangeLog

%install
%{?el5:rm -rf %{buildroot}}
mkdir -p %{buildroot}%{_bindir}
install -pm 0755 %{SOURCE0} %{buildroot}%{_bindir}/%{name}


%clean
%{?el5:rm -rf %{buildroot}}


%files
%doc build/ChangeLog
%{_bindir}/%{name}


%changelog
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Wed Jun 12 2013 Björn Esser <bjoern.esser@gmail.com> - 1.5-2
- added stuff for el5-build

* Tue Jun 11 2013 Björn Esser <bjoern.esser@gmail.com> - 1.5-1
- Initial rpm release