On Sat, 29 Oct 2016 11:51:03 -0200 Daniel Simon <ddanielsimonn@xxxxxxxxx> wrote: > > Solution proposed - Static link the Tor Browser Bundle with musl > > libc.[1] It is a simple and fast libc implementation that was > > especially crafted for static linking. This would solve both > > security and portability issues. This adds a new security issue of "of all the things that should have ASLR, it should be libc, and it was at one point, but we started statically linking it for some stupid reason". Having to rebuild the browser when the libc needs to be updated seems terrible as well. > > What is Tor developers' opinion about this? I personally don't see > > any drawbacks and would be interested in discussing this further. There, opinions. Regards, -- Yawning Angel
Attachment:
pgpMeDRJiNhea.pgp
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev