From e004b2f09b5bb59ab600f563f53799f4a0c141b3 Mon Sep 17 00:00:00 2001 From: osa Date: Sat, 14 Jun 2003 18:36:14 +0000 Subject: New port: library that makes it easy for programs to use privilege separation Submitted by: Kirill Ponomarew PR: 53314 Approved by: fjoe (implicit) --- devel/Makefile | 1 + devel/privman/Makefile | 41 +++++++++++++++++++++++++++++++++++++++++ devel/privman/distinfo | 1 + devel/privman/pkg-descr | 17 +++++++++++++++++ devel/privman/pkg-plist | 15 +++++++++++++++ 5 files changed, 75 insertions(+) create mode 100644 devel/privman/Makefile create mode 100644 devel/privman/distinfo create mode 100644 devel/privman/pkg-descr create mode 100644 devel/privman/pkg-plist (limited to 'devel') diff --git a/devel/Makefile b/devel/Makefile index 369f913ae093..37022d13a023 100644 --- a/devel/Makefile +++ b/devel/Makefile @@ -748,6 +748,7 @@ SUBDIR += powerpc-rtems-objc SUBDIR += ppl SUBDIR += prcs + SUBDIR += privman SUBDIR += projectcenter.app SUBDIR += prototype SUBDIR += pth diff --git a/devel/privman/Makefile b/devel/privman/Makefile new file mode 100644 index 000000000000..549e7f24bb8e --- /dev/null +++ b/devel/privman/Makefile @@ -0,0 +1,41 @@ +# New ports collection makefile for: privman +# Date created: 14.06.2003 +# Whom: Kirill Ponomarew +# +# $FreeBSD$ +# + +PORTNAME= privman +PORTVERSION= 0.9.2 +CATEGORIES= devel security +MASTER_SITES= http://opensource.nailabs.com/privman/downloads/ + +MAINTAINER= ponomarew@oberon.net +COMMENT= Library that makes it easy for programs to use privilege separation + +GNU_CONFIGURE= yes +USE_LIBTOOL= yes +INSTALLS_SHLIB= yes +USE_REINPLACE= yes +CONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL} + +post-patch: + @${REINPLACE_CMD} -e \ + 's|$$(PACKAGE).d|$$(PACKAGE)|g' \ + ${WRKSRC}/etc/Makefile.in + +MAN3= priv_bind.3 priv_custom.3 priv_daemon.3 priv_execve.3 \ + priv_fopen.3 priv_fork.3 priv_init.3 priv_invoke_cap_fn.3 \ + priv_invoke_info_fn.3 priv_open.3 priv_pam.3 \ + priv_pam_acct_mgmt.3 priv_pam_authenticate.3 priv_pam_chauthtok.3 \ + priv_pam_close_session.3 priv_pam_end.3 priv_pam_fail_delay.3 \ + priv_pam_get_item.3 priv_pam_getenv.3 priv_pam_open_session.3 \ + priv_pam_putenv.3 priv_pam_set_item.3 priv_pam_setcred.3 \ + priv_pam_start.3 priv_pclose.3 priv_popen.3 priv_register_cap_fn.3 \ + priv_register_info_fn.3 priv_rerunas.3 priv_respawn_as.3 \ + priv_wait4.3 + +MAN5= privman_conf.5 +MAN7= privman.7 + +.include diff --git a/devel/privman/distinfo b/devel/privman/distinfo new file mode 100644 index 000000000000..2db0d2219764 --- /dev/null +++ b/devel/privman/distinfo @@ -0,0 +1 @@ +MD5 (privman-0.9.2.tar.gz) = ef2564db75b36a42e6c286f5fbb70170 diff --git a/devel/privman/pkg-descr b/devel/privman/pkg-descr new file mode 100644 index 000000000000..9fbf438e0d2f --- /dev/null +++ b/devel/privman/pkg-descr @@ -0,0 +1,17 @@ +Privman is a library that makes it easy for programs to use +privilege separation, a technique that prevents the leak or +misuse of privilege from applications that must run with some +elevated permissions. Applications that use the Privman library +split into two halves, the half that performs valid privileged +operations, and the half that contains the application's logic. +The Privman library simplifies the otherwise complex task of +separating the application, protecting the system from +compromise if an error in the application logic is found. The +library uses configuration files to provide fine-grained access +control for the privileged operations, limiting exposure in +even of an attack against the application. When the application +is compromised, the attacker gains only the privileges of an +unprivileged user and the specific privileges granted to the +application by the application's Privman configuration file. + +WWW: http://opensource.nailabs.com/privman diff --git a/devel/privman/pkg-plist b/devel/privman/pkg-plist new file mode 100644 index 000000000000..248f5a717bf2 --- /dev/null +++ b/devel/privman/pkg-plist @@ -0,0 +1,15 @@ +etc/privman/check_user +etc/privman/microb +etc/privman/mycat +etc/privman/myecho +etc/privman/myexec +etc/privman/mypopen +etc/privman/myrerun +etc/privman/privman.conf +include/msghdr.h +include/privman.h +lib/libprivman.a +lib/libprivman.la +lib/libprivman.so +lib/libprivman.so.2 +@dirrm etc/privman -- cgit