abuild: check for non-PIE suid files

fixes #955

abuild.in

@@ -552,6 +552,15 @@ postcheck() {
 		warning "World writeable directories found:"
 		echo "$i"
 	fi
+	# check so we dont have any suid root binaries that are not 
+	i=$(find "$dir" -type f -perm +6000 \
+		| xargs scanelf --nobanner --etype ET_EXEC \
+		| sed "s|ET_EXEC $dir|\t|")
+	if [ -n "$i" ]; then
+		error "Found non-PIE files that has SUID:"
+		echo "$i"
+		return 1
+	fi
 	return 0
 }