What protections are present in the hardened Tor Browser?
I wanted to know what exactly is different in the hardened series. The master..hardened-builds diff has many spurious changes and is not that clear: https://gitweb.torproject.org/builders/tor-browser-bundle.git/diff/?id=harde... The best I can tell, the differences are: * ASan * --enable-expensive-hardening for tor (enables -fsanitize=address, -fsanitize=undefined, and -fno-omit-frame-pointer) * selfrando
David Fifield:
I wanted to know what exactly is different in the hardened series.
The master..hardened-builds diff has many spurious changes and is not that clear: https://gitweb.torproject.org/builders/tor-browser-bundle.git/diff/?id=harde...
The best I can tell, the differences are: * ASan * --enable-expensive-hardening for tor (enables -fsanitize=address, -fsanitize=undefined, and -fno-omit-frame-pointer) * selfrando
This is correct. Additionally, we compile the browser part with -fwrapv. Note, selfrando is not in the alpha series available yet only in nightly builds. This will change with the next release, though. Georg _______________________________________________
tbb-dev mailing list tbb-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev
participants (2)
-
David Fifield -
Georg Koppen