Expanding the list of "Hardened Packages"

Richard W.M. Jones rjones at redhat.com
Tue Apr 2 14:04:37 UTC 2013


On Tue, Apr 02, 2013 at 07:15:29PM +0530, Dhiru Kholia wrote:
> On Tue, Apr 2, 2013 at 6:36 PM, Richard W.M. Jones <rjones at redhat.com> wrote:
> > On Tue, Apr 02, 2013 at 05:51:42PM +0530, Dhiru Kholia wrote:
> >> http://dl.dropbox.com/u/1522424/probable-violations-F19.xls
> >
> > That shows:
> >
> > <garbage>
> >
> > Can you use a non-proprietary format please.
> >
> 
> http://dl.dropbox.com/u/1522424/probable-violations-F19.csv

FWIW, the following command produces much better output:

  function display {
    echo "Package:" $1 \($2\)
    echo "  Binary:" $3 \(mode $8 $9 $10\)
    echo "   " NX $4 CANARY $5 RELRO $6 PIE $7
  }
  export -f display
  csvtool drop 1 probable-violations-F19.csv | csvtool call display - | less

like this:

  Package: autodir (autodir-0.99.9-15.fc19.x86_64.rpm)
    Binary: /usr/sbin/autodir (mode 0100755 daemon autodir0)
      NX Enabled CANARY Enabled RELRO Partial PIE Disabled

Although it's not perfect because what you really have is a tree, not
a table.

It would be helpful to have packager names alongside each package too.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-top is 'top' for virtual machines.  Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://people.redhat.com/~rjones/virt-top


More information about the devel mailing list