]>
Commit | Line | Data |
---|---|---|
f26eb428 JZ |
1 | #!/bin/sh |
2 | ||
c552fbc5 | 3 | # shellcheck disable=SC2039 |
f26eb428 JZ |
4 | if ! type scanelf > /dev/null 2>&1; then |
5 | echo "scanelf (from pax-utils) is required for these checks." >&2 | |
6 | exit 3 | |
7 | fi | |
8 | ||
9 | RET=0 | |
10 | ||
11 | # check for exec stacks | |
c552fbc5 | 12 | OUT=$(scanelf -qyRAF '%e %p' "$1") |
f26eb428 JZ |
13 | |
14 | if [ x"${OUT}" != x ]; then | |
15 | RET=2 | |
16 | echo "The following files contain writable and executable sections" | |
17 | echo " Files with such sections will not work properly (or at all!) on some" | |
18 | echo " architectures/operating systems." | |
19 | echo " For more information, see:" | |
20 | echo " https://wiki.gentoo.org/wiki/Hardened/GNU_stack_quickstart" | |
21 | echo | |
22 | echo "${OUT}" | |
23 | echo | |
24 | fi | |
25 | ||
26 | ||
27 | # check for TEXTRELS | |
c552fbc5 | 28 | OUT=$(scanelf -qyRAF '%T %p' "$1") |
f26eb428 JZ |
29 | |
30 | if [ x"${OUT}" != x ]; then | |
31 | RET=2 | |
32 | echo "The following files contain runtime text relocations" | |
33 | echo " Text relocations force the dynamic linker to perform extra" | |
34 | echo " work at startup, waste system resources, and may pose a security" | |
35 | echo " risk. On some architectures, the code may not even function" | |
36 | echo " properly, if at all." | |
37 | echo " For more information, see:" | |
38 | echo " https://wiki.gentoo.org/wiki/Hardened/HOWTO_locate_and_fix_textrels" | |
39 | echo | |
40 | echo "${OUT}" | |
41 | echo | |
42 | fi | |
43 | ||
44 | exit $RET |