[pkgsrc/trunk]: pkgsrc/security/smaSHeM Initial import of smaSHeM, version 0....

[agc <agc%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/dd305b5d8494
branches:  trunk
changeset: 626552:dd305b5d8494
user:      agc <agc%pkgsrc.org@localhost>
date:      Fri Nov 15 05:11:50 2013 +0000

description:
Initial import of smaSHeM, version 0.4, into the packages collection.

        System V shared memory segments created with shmget() are assigned an
        owner, a group and a set of permissions intended to limit access to
        the segment to designated processes only.  The owner of a shared
        memory segment can change the ownership and permissions on a segment
        after its creation using shmctl().  Any subsequent processes that wish
        to attach to the segment can only do so if they have the appropriate
        permissions.  Once attached, the process can read or write to the
        segment, as per the permissions that were set when the segment was
        created.

        smaSHeM takes advantage of applications that set weak permissions on
        such segments, allowing an attacker to dump or patch their contents.
        As discussed in the presentation at 44CON 2013 entitled 'I Miss LSD',
        in the case of many X11 applications it is possible to extract pixmaps
        of previously rendered GUI artifacts.  When compiled with QtCore
        linking enabled, smaSHeM aids in that process by brute forcing
        potentially valid dimensions for the raw pixmap dump.

diffstat:

 security/smaSHeM/DESCR    |  17 +++++++++++++++++
 security/smaSHeM/Makefile |  17 +++++++++++++++++
 security/smaSHeM/PLIST    |   6 ++++++
 security/smaSHeM/STATUS   |   1 +
 security/smaSHeM/distinfo |   5 +++++
 5 files changed, 46 insertions(+), 0 deletions(-)

diffs (66 lines):

diff -r cb17c5892f8a -r dd305b5d8494 security/smaSHeM/DESCR
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/smaSHeM/DESCR    Fri Nov 15 05:11:50 2013 +0000
@@ -0,0 +1,17 @@
+System V shared memory segments created with shmget() are assigned an
+owner, a group and a set of permissions intended to limit access to
+the segment to designated processes only.  The owner of a shared
+memory segment can change the ownership and permissions on a segment
+after its creation using shmctl().  Any subsequent processes that wish
+to attach to the segment can only do so if they have the appropriate
+permissions.  Once attached, the process can read or write to the
+segment, as per the permissions that were set when the segment was
+created.
+
+smaSHeM takes advantage of applications that set weak permissions on
+such segments, allowing an attacker to dump or patch their contents.
+As discussed in the presentation at 44CON 2013 entitled 'I Miss LSD',
+in the case of many X11 applications it is possible to extract pixmaps
+of previously rendered GUI artifacts.  When compiled with QtCore
+linking enabled, smaSHeM aids in that process by brute forcing
+potentially valid dimensions for the raw pixmap dump.
diff -r cb17c5892f8a -r dd305b5d8494 security/smaSHeM/Makefile
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/smaSHeM/Makefile Fri Nov 15 05:11:50 2013 +0000
@@ -0,0 +1,17 @@
+# $NetBSD: Makefile,v 1.1.1.1 2013/11/15 05:11:50 agc Exp $
+
+DISTNAME=      smaSHeM-0.4
+CATEGORIES=    security
+MASTER_SITES=  http://labs.portcullis.co.uk/download/
+
+MAINTAINER=    agc%NetBSD.org@localhost
+HOMEPAGE=      http://labs.portcullis.co.uk/tools/smashem/
+COMMENT=       System V shared memory segment manipulator
+LICENSE=       gnu-gpl-v2
+
+GNU_CONFIGURE= yes
+USE_LANGUAGES+=        c c++
+
+AUTO_MKDIRS=   yes
+
+.include "../../mk/bsd.pkg.mk"
diff -r cb17c5892f8a -r dd305b5d8494 security/smaSHeM/PLIST
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/smaSHeM/PLIST    Fri Nov 15 05:11:50 2013 +0000
@@ -0,0 +1,6 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2013/11/15 05:11:50 agc Exp $
+bin/smaSHeM
+man/man1/smaSHeM.1
+share/doc/smashem/COPYING
+share/doc/smashem/ChangeLog
+share/doc/smashem/INSTALL
diff -r cb17c5892f8a -r dd305b5d8494 security/smaSHeM/STATUS
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/smaSHeM/STATUS   Fri Nov 15 05:11:50 2013 +0000
@@ -0,0 +1,1 @@
+Good to go
diff -r cb17c5892f8a -r dd305b5d8494 security/smaSHeM/distinfo
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/security/smaSHeM/distinfo Fri Nov 15 05:11:50 2013 +0000
@@ -0,0 +1,5 @@
+$NetBSD: distinfo,v 1.1.1.1 2013/11/15 05:11:50 agc Exp $
+
+SHA1 (smaSHeM-0.4.tar.gz) = 2eb22f2db02bd362a350d2d624ac431b1cfadc90
+RMD160 (smaSHeM-0.4.tar.gz) = e968da7aaba5dfdd4050804f88ae08bf840345ab
+Size (smaSHeM-0.4.tar.gz) = 215081 bytes