[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21448 [Applications/Tor Browser]: Identify what build flags we should be using for security, and use them

Subject: Re: [tor-bugs] #21448 [Applications/Tor Browser]: Identify what build flags we should be using for security, and use them
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 24 Jul 2017 16:50:12 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 24 Jul 2017 12:50:26 -0400
In-reply-to: <055.d281c1a44b49721638e7845092e0bca9@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <055.d281c1a44b49721638e7845092e0bca9@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21448: Identify what build flags we should be using for security, and use them
--------------------------------------+--------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-security              |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by arthuredelstein):

 After a lot of experimentation, I opened #23024 and #23025 to add some
 extra hardening flags for Windows and Mac respectively. In the meantime I
 also found several promising flags didn't work after all:

 Windows (mingw cross-compile):
  * `-z,relro,-z,now` fails (is there an equivalent flag for Windows
 binaries?)
  * `Werror=format` throws errors (around uses of `%lld`)
  * `-fstack-protector-strong`
 [https://sourceforge.net/p/mingw-w64/discussion/723798/thread/de524c41/
 didn't build]; in #23024 I propose trying `-fstack-protector-all` instead.

 macOS (clang-based cross compile):
  * `-z,relro,-z,now` fails (is there an equivalent flag for Mac binaries?)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21448#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #23062 [Applications/Tor Browser]: Tor browser bundle crashed when clicking on a link
Next by Author: Re: [tor-bugs] #19987 [Core Tor/Tor]: Unit Test Guard, Middle, Exit, Intro, and Rend node choices
Previous by thread: Re: [tor-bugs] #23025 [Applications/Tor Browser]: Flags to increase hardening on macOS
Next by thread: Re: [tor-bugs] #21448 [Applications/Tor Browser]: Identify what build flags we should be using for security, and use them
Index(es):
- Author
- Thread