%define ver 1.3 %define rel 3 Summary: Libsafe: Protecting Critical Elements of Stacks Name: libsafe Version: %{ver} Release: %{rel} Copyright: LGPL Group: System/Utilities Source0: http://www.bell-labs.com/org/11356/src/libsafe-%{ver}.tgz Source1: libsafe.sh Source2: libsafe.csh Patch0: libsafe-makefile.patch URL: http://www.bell-labs.com/org/11356/libsafe.html BuildRoot: /var/tmp/libsafe-root %description The libsafe library protects a process against the exploitation of buffer overflow vulnerabilities in process stacks. Libsafe works with any existing pre-compiled executable and can be used transparently, even on a system-wide basis. The method intercepts all calls to library functions that are known to be vulnerable. A substitute version of the corresponding function implements the original functionality, but in a manner that ensures that any buffer overflows are contained within the current stack frame. Libsafe has been shown to detect several known attacks and can potentially prevent yet unknown attacks. Experiments indicate that the performance overhead of libsafe is negligible. %prep %setup -n libsafe %patch0 -p0 %build mkdir -p $RPM_BUILD_ROOT/lib $RPM_BUILD_ROOT/usr/man/man8 $RPM_BUILD_ROOT/etc/profile.d make %install install -s -o 0 -g 0 -m 0755 src/libsafe.so.%{ver} $RPM_BUILD_ROOT/lib install -o 0 -g 0 -m 0644 doc/libsafe.8 $RPM_BUILD_ROOT/usr/man/man8 install -o 0 -g 0 -m 755 $RPM_SOURCE_DIR/libsafe.sh $RPM_BUILD_ROOT/etc/profile.d install -o 0 -g 0 -m 755 $RPM_SOURCE_DIR/libsafe.csh $RPM_BUILD_ROOT/etc/profile.d touch $RPM_BUILD_ROOT/etc/libsafe.notify %clean rm -rf $RPM_BUILD_ROOT %post /sbin/ldconfig %postun /sbin/ldconfig %files %defattr(-,root,root) /lib/libsafe.so.%{ver} /usr/man/man8/libsafe.8 %config(missingok,noreplace) /etc/profile.d/libsafe.sh %config(missingok,noreplace) /etc/profile.d/libsafe.csh %config(missingok,noreplace) /etc/libsafe.notify %doc README COPYING ChangeLog INSTALL doc exploits %changelog * Tue Apr 25 2000 William Stearns - install no longer tries to strip the man page or shell scripts. * Fri Apr 21 2000 Jeremy Hansen - updated rpm. - updated rpm again, got bugfix tar ball from Arash Baratloo * Thu Apr 20 2000 Jeremy Hansen - initial package build.