[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #11477 [Tor]: Add an --enable-expensive-compiler-hardening option



#11477: Add an --enable-expensive-compiler-hardening option
------------------------+--------------------------------
     Reporter:  nickm   |      Owner:
         Type:  defect  |     Status:  needs_review
     Priority:  normal  |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by nickm):

 I've attached a separate patch from starlight on tor-relays (see "running
 Tor relay live with AddressSanitizer") that redirects stdout and stderr
 instead of closing them, and which uses `__sanitizer_sandbox_on_notify()`
 to work well with chroot and other sandboxen.

 This should be conditional on AddressSanitizer being enabled. Perhaps
 `__sanitizer_sandbox_on_notify()` also needs to be integrated with our
 seccomp2 sandboxing. Needs testing.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11477#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs