nightmorph 10/08/30 03:01:13
Modified: pax-utils.xml
Log:
update ELF specification link, bug 334025. also fix miscellaneous GuideXML stuff and hardened-sources references.
Revision Changes Path
1.9 xml/htdocs/proj/en/hardened/pax-utils.xml
file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?rev=1.9&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?rev=1.9&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml?r1=1.8&r2=1.9
Index: pax-utils.xml
===================================================================
RCS file: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- pax-utils.xml 13 Dec 2006 00:31:28 -0000 1.8
+++ pax-utils.xml 30 Aug 2010 03:01:13 -0000 1.9
@@ -1,29 +1,31 @@
<?xml version='1.0' encoding="UTF-8"?>
-
-<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v 1.8 2006/12/13 00:31:28 solar Exp $ -->
-
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
+<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/proj/en/hardened/pax-utils.xml,v 1.9 2010/08/30 03:01:13 nightmorph Exp $ -->
-<guide link="/proj/en/hardened/pax-utils.xml">
+<guide>
<title>Gentoo PaX Utilities</title>
<author title="Author">
- <mail link="swift@g.o">Sven Vermeulen</mail>
+ <mail link="swift"/>
+</author>
+<author title="Editor">
+ <mail link="solar"/>
</author>
<author title="Editor">
- <mail link="solar@g.o">Ned Ludd</mail>
+ <mail link="nightmorph"/>
</author>
<abstract>
-
+This guide provides instruction on securing your system by using the pax-utils
+package to find and identify problematic binaries.
</abstract>
<!-- The content of this document is licensed under the CC-BY-SA license -->
<!-- See http://creativecommons.org/licenses/by-sa/2.0 -->
<license/>
-<version>0.1</version>
-<date>2005-01-01</date>
+<version>2</version>
+<date>2010-08-29</date>
<chapter>
<title>What is this guide about?</title>
@@ -74,8 +76,8 @@
<p>
The structure of such a binary is defined in the ELF standard. ELF stands for
<e>Executable and Linkable Format</e>. If you are really interested in the gory
-details, check out the
-<uri link="http://www.linuxbase.org/spec/book/ELF-generic/ELF-generic.html">
+details, check out the <uri
+link="http://refspecs.linux-foundation.org/LSB_4.0.0/LSB-Core-generic/LSB-Core-generic/elf-generic.html">
Generic ELF spec</uri> or the <c>elf(5)</c> man page.
</p>
@@ -406,7 +408,6 @@
<ti>k</ti>
<ti>Section</ti>
</tr>
-
<tr>
<ti>a</ti>
<ti>ARCH/e_machine</ti>
@@ -471,11 +472,10 @@
</body>
</section>
-
-
<section>
<title>Using scanelf for Specific Header</title>
<body>
+
<p>
The scanelf util can be used to quickly identify files that contain a
given section header using the -k .section option.
@@ -487,13 +487,13 @@
stripped. A stripped elf will lack a .symtab entry, so we use the '!'
to invert the matching logic.
</p>
+
<pre caption="Scanning for stripped or non stripped executables">
# <i>scanelf -k '!.symtab' /usr/lib/debug -Rq -F%F#k</i>
</pre>
</body>
</section>
-
<section>
<title>Using scanelf for Specific Segment Markings</title>
<body>
@@ -565,8 +565,8 @@
To be able to benefit from these defense mechanisms, you need to run a Linux
kernel patched with the latest PaX code. The <uri
link="http://hardened.gentoo.org">Hardened Gentoo</uri> project supports PaX and
-its parent project, grsecurity. Supported kernel packages are
-<c>sys-kernel/hardened-sources-2.(4|6)</c>.
+its parent project, grsecurity. The supported kernel package is
+<c>sys-kernel/hardened-sources</c>.
</p>
<p>
@@ -582,7 +582,7 @@
<body>
<p>
-If your tool chain supports it, your binaries can have additional PaX flags in
+If your toolchain supports it, your binaries can have additional PaX flags in
their Program Header. The following flags are supported:
</p>
@@ -753,5 +753,4 @@
</body>
</section>
</chapter>
-
</guide>
|
