Name:		checksec
Version:	1.5
Release:	2%{?dist}
Summary:	Tool to check system for binary-hardening
Group:		Development/Tools

License:	BSD
URL:		http://www.trapkit.de/tools/%{name}.html
Source0:	http://www.trapkit.de/tools/%{name}.sh
Source1:	http://www.trapkit.de/tools/%{name}_changes.txt

%{?el5:BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)}
BuildArch:	noarch
Requires:	binutils

%description
Modern Linux distributions offer some mitigation techniques to make it harder
to exploit software vulnerabilities reliably. Mitigations such as RELRO,
NoExecute (NX), Stack Canaries, Address Space Layout Randomization (ASLR) and
Position Independent Executables (PIE) have made reliably exploiting any
vulnerabilities that do exist far more challenging. The checksec script is
designed to test what *standard* Linux OS and PaX (http://pax.grsecurity.net/)
security features are being used.

As of version 1.3 the script also lists the status of various Linux kernel
protection mechanisms.

%{name} can check binary-files and running processes for hardening features.


%prep
mkdir -p build


%build
install -pm 0644 %{SOURCE1} build/ChangeLog

%install
%{?el5:rm -rf %{buildroot}}
mkdir -p %{buildroot}%{_bindir}
install -pm 0755 %{SOURCE0} %{buildroot}%{_bindir}/%{name}


%clean
%{?el5:rm -rf %{buildroot}}


%files
%doc build/ChangeLog
%{_bindir}/%{name}


%changelog
* Wed Jun 12 2013 Björn Esser <bjoern.esser@gmail.com> - 1.5-2
- added stuff for el5-build

* Tue Jun 11 2013 Björn Esser <bjoern.esser@gmail.com> - 1.5-1
- Initial rpm release