[tbb-bugs] #23024 [Applications/Tor Browser]: Flags to increase hardening on Windows

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 31 21:36:44 UTC 2017


#23024: Flags to increase hardening on Windows
--------------------------------------+--------------------------------
 Reporter:  arthuredelstein           |          Owner:  tbb-team
     Type:  defect                    |         Status:  needs_revision
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201707      |  Actual Points:
Parent ID:  #21448                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------------

Comment (by cypherpunks):

 Replying to [comment:1 arthuredelstein]:
 > Here's my patch for review. I would suggest we adding it after we have
 transitioned to rbm builds:
 > https://github.com/arthuredelstein/tor-browser-build/commit/23024
 Some kind of wrappers... whether they applied to all TBB parts?
 What to include (by order):
 $COMPILER_WARNINGS (like `-Werror=format-security`)
 $COMPILER_OPTIONS (like `-D_FORTIFY_SOURCE=2`)
 $COMPILER_OPTIMIZATIONS (like `-fno-delete-null-pointer-checks`)
 $LINKER_FLAGS
 `-Wl,--enable-reloc-section` - its name is awful (as awful as that this
 bug is still present). There should be no such flag as this is a part of
 `-Wl,--dynamicbase` by meaning. Firefox has import table, but TBB hasn't.
 There should be a better way to make the toolchain work properly, than a
 specific hack which can't get upstreamed.

 Other flags:
 `-Wl,--image-base,0x10000000` to force relocations.
 `-Wl,--large-address-aware` is always set by the compiler driver (e.g.
 Cygwin gcc). MinGW too (usually yes)? If so, no need for #22477.
 `-Wl,--forceinteg` - Better than nothing. Code integrity checking, while
 no signatures.
 `-Wl,--no-seh` - that's the only part of SafeSEH GCC supports, see
 ticket:20322#comment:3. Upstream to https://dxr.mozilla.org/mozilla-
 esr52/source/old-configure.in#1218
 (`-Wl,--tsaware` - Terminal Server aware - is for upstream only.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23024#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list