Author: glen Date: Wed Apr 15 08:28:32 2009 GMT
Module: SPECS Tag: HEAD
---- Log message:
- new
---- Files affected:
SPECS:
pixy.spec (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SPECS/pixy.spec
diff -u /dev/null SPECS/pixy.spec:1.1
--- /dev/null Wed Apr 15 10:28:32 2009
+++ SPECS/pixy.spec Wed Apr 15 10:28:27 2009
@@ -0,0 +1,79 @@
+# $Revision$, $Date$
+# TODO
+# - create .jar instead of using two trees of .classes
+# - external dep for lib/* classes
+%define ver %(echo %{version} | tr . _)
+Summary: Pixy: XSS and SQLI Scanner for PHP Programs
+Name: pixy
+Version: 3.02
+Release: 0.5
+License: Gentleperson's Agreement
+Group: Development/Languages/Java
+Source0: http://pixybox.seclab.tuwien.ac.at/pixy/dist/%{name}_%{ver}.zip
+# Source0-md5: 037873e8cdfc0d616697798837d76706
+URL: http://pixybox.seclab.tuwien.ac.at/pixy/index.php
+BuildRequires: rpmbuild(macros) >= 1.461
+Requires: jre
+Requires: junit
+BuildArch: noarch
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+
+%define _appdir %{_datadir}/%{name}
+
+%description
+Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities
+are present in many modern web applications, and are reported
+continuously on pages such as BugTraq. In the past, finding such
+vulnerabilities usually involved manual source code audits.
+Unfortunately, this manual vulnerability search is a very tiresome and
+error-prone task.
+
+%prep
+%setup -q -n Pixy
+
+rm -f lib/junit.jar
+# create startup script in shell
+cat > pixy.sh <<'EOF'
+#!/bin/sh
+# minimum and maximum memory that you want Pixy to use
+mem_min=256m
+mem_max=1024m
+
+# setup pixy_home, maybe overridden by env var
+PIXY_HOME="${PIXY_HOME:-$HOME/.pixy}"
+if [ ! -d "$PIXY_HOME" ]; THEN
+ echo >&2 "Setting up $PIXY_HOME"
+ mkdir -m700 "$PIXY_HOME"
+ mkdir -m700 "$PIXY_HOME/config"
+ cp -a %{_appdir}/config/* "$PIXY_HOME/config"
+fi
+
+CLASSPATH="%{_appdir}/lib:%{_appdir}/class:$(find-jar junit)"
+exec java -Xms$mem_min -Xmx$mem_max -Dpixy.home="$PIXY_HOME" -classpath
"$CLASSPATH" at.ac.tuwien.infosys.www.pixy.Checker -a -y xss:sql ${1:+"$@"}
+EOF
+
+%install
+rm -rf $RPM_BUILD_ROOT
+install -d $RPM_BUILD_ROOT{%{_appdir},%{_bindir}}
+# classes. TODO: include into jar, both of these
+cp -a lib build/class $RPM_BUILD_ROOT%{_appdir}
+# sample config
+cp -a config $RPM_BUILD_ROOT%{_appdir}
+install pixy.sh $RPM_BUILD_ROOT%{_bindir}/pixy
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(644,root,root,755)
+%attr(755,root,root) %{_bindir}/pixy
+%{_appdir}
+
+%define date %(echo `LC_ALL="C" date +"%a %b %d %Y"`)
+%changelog
+* %{date} PLD Team <[email protected]>
+All persons listed below can be reached at <cvs_login>@pld-linux.org
+
+$Log$
+Revision 1.1 2009/04/15 08:28:27 glen
+- new
================================================================
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
