1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
#!/bin/sh
# shellcheck disable=SC2039
if ! type scanelf > /dev/null 2>&1; then
echo "scanelf (from pax-utils) is required for these checks." >&2
exit 3
fi
RET=0
# check for exec stacks
OUT=$(scanelf -qyRAF '%e %p' "$1")
if [ x"${OUT}" != x ]; then
RET=2
echo "The following files contain writable and executable sections"
echo " Files with such sections will not work properly (or at all!) on some"
echo " architectures/operating systems."
echo " For more information, see:"
echo " https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart"
echo
echo "${OUT}"
echo
fi
# check for TEXTRELS
OUT=$(scanelf -qyRAF '%T %p' "$1")
if [ x"${OUT}" != x ]; then
RET=2
echo "The following files contain runtime text relocations"
echo " Text relocations force the dynamic linker to perform extra"
echo " work at startup, waste system resources, and may pose a security"
echo " risk. On some architectures, the code may not even function"
echo " properly, if at all."
echo " For more information, see:"
echo " https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels"
echo
echo "${OUT}"
echo
fi
exit $RET
|
