[tbb-dev] [tor-qa] 64 bit Mac Builds?
Tom Ritter
tom at ritter.vg
Sun Sep 7 15:38:11 UTC 2014
On 5 September 2014 02:58, Georg Koppen <gk at torproject.org> wrote:
> Mike Perry:
>> Does this enable full ASLR, along with any other OSX hardening options
>> that you saw in Firefox that we were lacking, or do we still need the
>> 10.7 SDK for those?
>
> For what it is worth we need to switch to the 10.7 SDK for ESR 38
> anyway. See: https://bugs.torproject.org/12761. Thus, we might want to
> start early (i.e. after ESR 31 based bundles got out) which would allow
> us to solve one blocker for the ESR 38 based release beforehand. Note,
> though, that switching to the 10.7 SDK is perfectly possible with
> supporting 10.6.
You will not need the 10.6 SDK to enable full ASLR, since Mozilla was
doing it with 10.6.
I think the judicious inclusion of -fPIE in CFLAGS[0] gives me very
good confidence that ASLR is enabled, even though the flag may not
actually be necessary. But there is a different problem. tor.exe
(tor.real on mac) is mapped into memory, and it does _not_ have ASLR,
and thus its libraries are loaded predictably. That's next on the
docket to figure out...
If you can find a 10.7 SDK for Unix (the repo you got the 10.6 SDK
from doesn't have a 10.7) I can give it a shot, independent of my
other efforts. Looking at backscroll, it seems like you might have
started that process?
-tom
[0] https://github.com/tomrittervg/tor-browser/commit/6971bbb73a7e5bbbca96da8e24bd847160e67fca
More information about the tbb-dev
mailing list