[gentoo-commits] gentoo commit in xml/htdocs/proj/en/hardened: pax-utils.xml - gentoo-commits

From:	"Joshua Saddler (nightmorph)" <nightmorph@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo commit in xml/htdocs/proj/en/hardened: pax-utils.xml
Date:	Mon, 30 Aug 2010 03:01:21
Message-Id:	`20100830030113.7B6A220054@flycatcher.gentoo.org`

1

nightmorph    10/08/30 03:01:13

2

3

  Modified:             pax-utils.xml

4

  Log:

5

  update ELF specification link, bug 334025. also fix miscellaneous GuideXML stuff and hardened-sources references.

6

7

Revision  Changes    Path

8

1.9                  xml/htdocs/proj/en/hardened/pax-utils.xml

9

10

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?rev=1.9&view=markup

11

plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?rev=1.9&content-type=text/plain

12

diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?r1=1.8&r2=1.9

13

14

Index: pax-utils.xml

15

===================================================================

16

RCS file: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v

17

retrieving revision 1.8

18

retrieving revision 1.9

19

diff -u -r1.8 -r1.9

20

--- pax-utils.xml	13 Dec 2006 00:31:28 -0000	1.8

21

+++ pax-utils.xml	30 Aug 2010 03:01:13 -0000	1.9

22

@@ -1,29 +1,31 @@

23

 <?xml version='1.0' encoding="UTF-8"?>

24

-

25

-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v 1.8 2006/12/13 00:31:28 solar Exp $ -->

26

-

27

 <!DOCTYPE guide SYSTEM "/dtd/guide.dtd">

28

+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v 1.9 2010/08/30 03:01:13 nightmorph Exp $ -->

29

30

-<guide link="/proj/en/hardened/pax-utils.xml">

31

+<guide>

32

 <title>Gentoo PaX Utilities</title>

33

34

 <author title="Author">

35

-  <mail link="swift@g.o">Sven Vermeulen</mail>

36

+  <mail link="swift"/>

37

+</author>

38

+<author title="Editor">

39

+  <mail link="solar"/>

40

 </author>

41

 <author title="Editor">

42

-  <mail link="solar@g.o">Ned Ludd</mail>

43

+  <mail link="nightmorph"/>

44

 </author>

45

46

 <abstract>

47

-

48

+This guide provides instruction on securing your system by using the pax-utils

49

+package to find and identify problematic binaries.

50

 </abstract>

51

52

 <!-- The content of this document is licensed under the CC-BY-SA license -->

53

 <!-- See http://creativecommons.org/licenses/by-sa/2.0 -->

54

 <license/>

55

56

-<version>0.1</version>

57

-<date>2005-01-01</date>

58

+<version>2</version>

59

+<date>2010-08-29</date>

60

61

 <chapter>

62

 <title>What is this guide about?</title>

63

@@ -74,8 +76,8 @@

64

<p>

65

 The structure of such a binary is defined in the ELF standard. ELF stands for

66

 <e>Executable and Linkable Format</e>. If you are really interested in the gory

67

-details, check out the 

68

-<uri link="http://www.linuxbase.org/spec/book/ELF-generic/ELF-generic.html">

69

+details, check out the <uri

70

+link="http://refspecs.linux-foundation.org/LSB_4.0.0/LSB-Core-generic/LSB-Core-generic/elf-generic.html">

71

 Generic ELF spec</uri> or the <c>elf(5)</c> man page.

72

 </p>

73

74

@@ -406,7 +408,6 @@

75

   <ti>k</ti>

76

   <ti>Section</ti>

77

 </tr>

78

-

79

 <tr>

80

   <ti>a</ti>

81

   <ti>ARCH/e_machine</ti>

82

@@ -471,11 +472,10 @@

83

84

 </body>

85

 </section>

86

-

87

-

88

 <section>

89

 <title>Using scanelf for Specific Header</title>

90

 <body>

91

+

92

<p>

93

 The scanelf util can be used to quickly identify files that contain a 

94

 given section header using the -k .section option.

95

@@ -487,13 +487,13 @@

96

 stripped. A stripped elf will lack a .symtab entry, so we use the '!' 

97

 to invert the matching logic.

98

 </p>

99

+

100

 <pre caption="Scanning for stripped or non stripped executables">

101

 # <i>scanelf -k '!.symtab' /usr/lib/debug -Rq -F%F#k</i>

102

 </pre>

103

104

 </body>

105

 </section>

106

-

107

 <section>

108

 <title>Using scanelf for Specific Segment Markings</title>

109

 <body>

110

@@ -565,8 +565,8 @@

111

 To be able to benefit from these defense mechanisms, you need to run a Linux

112

 kernel patched with the latest PaX code. The <uri

113

 link="http://hardened.gentoo.org">Hardened Gentoo</uri> project supports PaX and

114

-its parent project, grsecurity. Supported kernel packages are

115

-<c>sys-kernel/hardened-sources-2.(4|6)</c>.

116

+its parent project, grsecurity. The supported kernel package is

117

+<c>sys-kernel/hardened-sources</c>.

118

 </p>

119

120

<p>

121

@@ -582,7 +582,7 @@

122

 <body>

123

124

<p>

125

-If your tool chain supports it, your binaries can have additional PaX flags in

126

+If your toolchain supports it, your binaries can have additional PaX flags in

127

 their Program Header. The following flags are supported:

128

 </p>

129

130

@@ -753,5 +753,4 @@

131

 </body>

132

 </section>

133

 </chapter>

134

-

135

 </guide>

1	nightmorph 10/08/30 03:01:13
2
3	Modified: pax-utils.xml
4	Log:
5	update ELF specification link, bug 334025. also fix miscellaneous GuideXML stuff and hardened-sources references.
6
7	Revision Changes Path
8	1.9 xml/htdocs/proj/en/hardened/pax-utils.xml
9
10	file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?rev=1.9&view=markup
11	plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?rev=1.9&content-type=text/plain
12	diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?r1=1.8&r2=1.9
13
14	Index: pax-utils.xml
15	===================================================================
16	RCS file: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v
17	retrieving revision 1.8
18	retrieving revision 1.9
19	diff -u -r1.8 -r1.9
20	--- pax-utils.xml 13 Dec 2006 00:31:28 -0000 1.8
21	+++ pax-utils.xml 30 Aug 2010 03:01:13 -0000 1.9
22	@@ -1,29 +1,31 @@
23	<?xml version='1.0' encoding="UTF-8"?>
24	-
25	-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v 1.8 2006/12/13 00:31:28 solar Exp $ -->
26	-
27	<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
28	+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v 1.9 2010/08/30 03:01:13 nightmorph Exp $ -->
29
30	-<guide link="/proj/en/hardened/pax-utils.xml">
31	+<guide>
32	<title>Gentoo PaX Utilities</title>
33
34	<author title="Author">
35	- <mail link="swift@g.o">Sven Vermeulen</mail>
36	+ <mail link="swift"/>
37	+</author>
38	+<author title="Editor">
39	+ <mail link="solar"/>
40	</author>
41	<author title="Editor">
42	- <mail link="solar@g.o">Ned Ludd</mail>
43	+ <mail link="nightmorph"/>
44	</author>
45
46	<abstract>
47	-
48	+This guide provides instruction on securing your system by using the pax-utils
49	+package to find and identify problematic binaries.
50	</abstract>
51
52	<!-- The content of this document is licensed under the CC-BY-SA license -->
53	<!-- See http://creativecommons.org/licenses/by-sa/2.0 -->
54	<license/>
55
56	-<version>0.1</version>
57	-<date>2005-01-01</date>
58	+<version>2</version>
59	+<date>2010-08-29</date>
60
61	<chapter>
62	<title>What is this guide about?</title>
63	@@ -74,8 +76,8 @@
64	<p>
65	The structure of such a binary is defined in the ELF standard. ELF stands for
66	<e>Executable and Linkable Format</e>. If you are really interested in the gory
67	-details, check out the
68	-<uri link="http://www.linuxbase.org/spec/book/ELF-generic/ELF-generic.html">
69	+details, check out the <uri
70	+link="http://refspecs.linux-foundation.org/LSB_4.0.0/LSB-Core-generic/LSB-Core-generic/elf-generic.html">
71	Generic ELF spec</uri> or the <c>elf(5)</c> man page.
72	</p>
73
74	@@ -406,7 +408,6 @@
75	<ti>k</ti>
76	<ti>Section</ti>
77	</tr>
78	-
79	<tr>
80	<ti>a</ti>
81	<ti>ARCH/e_machine</ti>
82	@@ -471,11 +472,10 @@
83
84	</body>
85	</section>
86	-
87	-
88	<section>
89	<title>Using scanelf for Specific Header</title>
90	<body>
91	+
92	<p>
93	The scanelf util can be used to quickly identify files that contain a
94	given section header using the -k .section option.
95	@@ -487,13 +487,13 @@
96	stripped. A stripped elf will lack a .symtab entry, so we use the '!'
97	to invert the matching logic.
98	</p>
99	+
100	<pre caption="Scanning for stripped or non stripped executables">
101	# <i>scanelf -k '!.symtab' /usr/lib/debug -Rq -F%F#k</i>
102	</pre>
103
104	</body>
105	</section>
106	-
107	<section>
108	<title>Using scanelf for Specific Segment Markings</title>
109	<body>
110	@@ -565,8 +565,8 @@
111	To be able to benefit from these defense mechanisms, you need to run a Linux
112	kernel patched with the latest PaX code. The <uri
113	link="http://hardened.gentoo.org">Hardened Gentoo</uri> project supports PaX and
114	-its parent project, grsecurity. Supported kernel packages are
115	-<c>sys-kernel/hardened-sources-2.(4\|6)</c>.
116	+its parent project, grsecurity. The supported kernel package is
117	+<c>sys-kernel/hardened-sources</c>.
118	</p>
119
120	<p>
121	@@ -582,7 +582,7 @@
122	<body>
123
124	<p>
125	-If your tool chain supports it, your binaries can have additional PaX flags in
126	+If your toolchain supports it, your binaries can have additional PaX flags in
127	their Program Header. The following flags are supported:
128	</p>
129
130	@@ -753,5 +753,4 @@
131	</body>
132	</section>
133	</chapter>
134	-
135	</guide>

Gentoo Archives: gentoo-commits