Sophie

Sophie

distrib > Mandriva > 2006.0 > i586 > media > main-src > by-pkgid > 103edc869ed389ce1d986c4205ed19ce > files > 2

libsafe-2.0.13-3mdk.src.rpm

%define version 2.0.13
%define release 3mdk

Summary:	Stack Overflow protection
Name:		libsafe
Version:	%{version}
Release:	%{release}
Source:		libsafe-2.0-13.tar.bz2
License:	LGPL
Group:		System/Libraries
BuildRoot:	%{_tmppath}/libsafe
ExclusiveArch:	%ix86
URL: http://www.research.avayalabs.com/project/libsafe/

%description
The libsafe library is designed to overwrite dangerous
library C function like strcpy / snprintf and perform
bound checking on the destination buffer address in order
to detect an eventual Stack Overflow attempt.

The libsafe library protects a process against the exploitation of buffer
overflow vulnerabilities in process stacks. Libsafe works with any
existing pre-compiled executable and can be used transparently, even on a
system-wide basis. The method intercepts all calls to library functions
that are known to be vulnerable. A substitute version of the corresponding
function implements the original functionality, but in a manner that
ensures that any buffer overflows are contained within the current stack
frame. Libsafe has been shown to detect several known attacks and can
potentially prevent yet unknown attacks. Experiments indicate that the
performance overhead of libsafe is negligible.

%prep 
%setup -q -n %{name}-2.0-13

%build
# Do not use the Mandrake compilation flags,
# this library must not be compiled without any optimizations flags...
make libsafe

%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT
#problem with ldconfig in makefile cannot make install without patch
#make install LIBDIR=$RPM_BUILD_ROOT/lib LIBDIR=$RPM_BUILD_ROOT/%{_mandir} 
rm -f exploits/xlock

install -d $RPM_BUILD_ROOT/%{_mandir}/man8
install -m 644 doc/libsafe.8 $RPM_BUILD_ROOT%{_mandir}/man8/
install -d $RPM_BUILD_ROOT/lib
install -m 644 src/libsafe.so.%{version} $RPM_BUILD_ROOT/lib
cd $RPM_BUILD_ROOT/lib
ln -s libsafe.so.%{version} libsafe.so.`echo %{version} | cut -d. -f1`

%post
tmpfile=`mktemp /tmp/libsafe.XXXXXX`
cp /etc/sysconfig/system $tmpfile
grep -v LIBSAFE $tmpfile > /etc/sysconfig/system
echo "LIBSAFE=yes" >> /etc/sysconfig/system

if [ -f /etc/ld.so.preload ]; then
  if grep -q libsafe /etc/ld.so.preload 2>/dev/null; then

	echo "Updating path to libsafe in /etc/ld.so.preload"
	cp /etc/ld.so.preload $tmpfile
	grep -v libsafe < $tmpfile > /etc/ld.so.preload
	echo /lib/libsafe.so.2 >> /etc/ld.so.preload

  fi
fi

rm -f $tmpfile

%preun
tmpfile=`mktemp /tmp/libsafe.XXXXXX`
cp /etc/sysconfig/system $tmpfile
grep -v LIBSAFE $tmpfile > /etc/sysconfig/system

if [ -f /etc/ld.so.preload ]; then
  if grep -q libsafe /etc/ld.so.preload 2>/dev/null; then

    echo "Removing libsafe from /etc/ld.so.preload"
	cp /etc/ld.so.preload $tmpfile
	grep -v libsafe < $tmpfile > /etc/ld.so.preload
  fi
fi

rm -f $tmpfile



%clean
rm -rf $RPM_BUILD_ROOT

%files
%defattr(-,root,root)
%doc doc/* exploits
/lib/*
%{_mandir}/*/*


%changelog
* Tue Jul 22 2003 Per Øyvind Karlsen <peroyvind@sintrax.net> 2.0.13-3mdk
- quiet setup
- rebuild

* Fri Apr 12 2002 Vincent Danen <vdanen@mandrakesoft.com> 2.0.13-2mdk
- make scripts silent if ld.so.preload doesn't exist

* Wed Mar 27 2002 Yoann Vandoorselaere <yoann@mandrakesoft.com> 2.0.13-1mdk
- update to newer version.
- no need for glibc related patch anymore.

* Tue Sep 25 2001 Warly <warly@mandrakesoft.com> 2.0.5-5mdk
- removing libsafe from ld.so.preload in postun and not in preun
is nonsense.

* Mon Sep 24 2001 Yoann Vandoorselaere <yoann@mandrakesoft.com> 2.0.5-4mdk
- On installation, update link to libsafe in /etc/ld.so.preload if it already exist.
- On removal, remove link to libsafe in /etc/ld.so.preload if present.

* Fri Sep 21 2001 Yoann Vandoorselaere <yoann@mandrakesoft.com> 2.0.5-3mdk
- Do not compile the content of the exploits directory. 
  Just install it under doc.
- Patch to fix breakage due to recent GLIBC API change.
- use mktemp to avoid tmp race.
- correct wrong path to the "system" file.

* Fri Aug 31 2001 Yoann Vandoorselaere <yoann@mandrakesoft.com> 2.0.5-2mdk
- Enable libsafe for server if installed. Disable it on uninstall.

* Fri Aug 31 2001 Yoann Vandoorselaere <yoann@mandrakesoft.com> 2.0.5-1mdk
- Update libsafe version. This release fix the clash with newer glibc.
- Do not put libsafe in ld.so.preload.
- No need to call ldconfig. This library is not to be linked.

* Sat Apr 21 2001 Geoffrey Lee <snailtalk@mandrakesoft.com> 2.0-3mdk
- ExclusiveArch: %%ix86.

* Wed Apr  4 2001 Vincent Saugey <vince@mandrakesoft.com> 2.0-2mdk
- Remove reference on libsafe old version if upgrade 

* Mon Apr  2 2001 Vincent Saugey <vince@mandrakesoft.com> 2.0-1mdk
- Up to 2.0
- Adding more description
- use more maccro

* Thu Aug 31 2000 Yoann Vandoorselaere <yoann@mandrakesoft.com> 1.3-8mdk
- ExcludeArch: sparc, sparc64 
- use %{_mandir} %{_docdir}

* Fri Jul 14 2000 David BAUDENS <baudens@mandrakesoft.com> 1.3-7mdk
- ExludeArch: alpha (Geoffrey Lee <snailtalk@linux-mandrake.com>)

* Wed Jul 12 2000 David BAUDENS <baudens@mandrakesoft.com> 1.3-6mdk
- ExcludeArch: ppc (thanks to Yoann Vandoorselaere)

* Wed May 17 2000 Yoann Vandoorselaere <yoann@mandrakesoft.com> 1.3-5mdk
- libsafe in /lib instead of /usr/lib .

* Tue Apr 25 2000 Yoann Vandoorselaere <yoann@mandrakesoft.com> 1.3-4mdk
- fix a problem with getwd replacement

* Fri Apr 21 2000 Yoann Vandoorselaere <yoann@mandrakesoft.com> 1.3-3mdk
- util.c : __builtin_frame_address take a depth of 2.
- util.c : (fp <= stack_start).

* Fri Mar 31 2000 Yoann Vandoorselaere <yoann@mandrakesoft.com> 1.3-2mdk
- Fix group
- First libsafe package.

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional