[tbb-bugs] #21448 [Applications/Tor Browser]: Identify what build flags we should be using for security, and use them

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 31 17:27:26 UTC 2017


#21448: Identify what build flags we should be using for security, and use them
--------------------------------------+--------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-security              |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by cypherpunks):

 Replying to [comment:13 arthuredelstein]:
 During your investigations Mozilla suddenly started to harden Firefox :0.
 So this looks like the third part of Tor Patch Uplifting project (next to
 FPI and fingerprinting). (Mark their tickets accordingly ;)
 >  * `-z,relro,-z,now` fails (is there an equivalent flag for Windows
 binaries?)
 This is how it works on Windows by default, no equivalents required.
 `-Wl,-z,relro,-z,now` when "Options passed to the compiler when linking
 executables or shared objects" or `-z relro -z now` "if the linker is
 called directly".
 `relro` - "Create an ELF PT_GNU_RELRO segment header in the object." (i.e.
 Linux only)
 This is https://bugzilla.mozilla.org/show_bug.cgi?id=1359912 (and
 dependencies!)
 `now` - Don't use Linux-only lazy binding
 This is https://bugzilla.mozilla.org/show_bug.cgi?id=1359918
 >  * `Werror=format` throws errors (around uses of `%lld`)
 Mozilla uses `-Wno-format`, because "# We use mix of both POSIX and Win32
 printf format across the tree, so format warnings are useless on mingw."
 But, suddenly, https://bugzilla.mozilla.org/show_bug.cgi?id=1359915
 >  * `-fstack-protector-strong`
 [https://sourceforge.net/p/mingw-w64/discussion/723798/thread/de524c41/
 didn't build]; in #23024 I propose trying `-fstack-protector-all` instead.
 This is https://bugzilla.mozilla.org/show_bug.cgi?id=620058, but have you
 noticed https://bugzilla.mozilla.org/show_bug.cgi?id=1359905?
 `-fstack-protector-all` is better for security.

 Also see https://gitweb.torproject.org/builders/tor-browser-
 bundle.git/tree/gitian/descriptors/windows/gitian-utils.yml#n129 and
 below...

 Some thoughts about comment:10?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21448#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list