[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #20439 [Applications/Tor Browser]: The firefox binary in Tor Browser on OSX is not PIE
#20439: The firefox binary in Tor Browser on OSX is not PIE
--------------------------------------+--------------------------
Reporter: boklm | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-hardened | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by boklm):
Replying to [comment:2 gk]:
> I think ideally I'd like to have all necessary changes in one place and
not split into different repos (especially if it is only about setting the
proper compiler/linker flags).
> I am not sure, though, I understand yet why your first try is failing
while the second succeeds.
I am not completely sure either, but it looks like libtool in
`js/src/ctypes/libffi` is parsing the arguments to find the type of
command it is running, and having `-fPIE` in the arguments makes it fail.
I think the second succeeds because `-fPIE` is not in the list of
arguments in this case.
A better fix might be to patch libffi to use the `--tag=` options when
calling libtool. I will try that.
> Thus, it is a bit hard to make a good case for e.g. putting everything
into .mozconfig-mac. That said, if missing PIE affects other components as
well (tor comes to mind here) we might indeed want to think about a more
general, non-mozconfig solution anyway...
tor is not affected, I think because the configure.ac is adding the
`-fPIE` and `-pie` flags. The pluggable transports are not PIE, but they
are not built using llvm. So the only component affected by this at the
moment seems to be firefox.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20439#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs