[tbb-dev] What protections are present in the hardened Tor Browser?

Georg Koppen gk at torproject.org
Tue Jun 28 08:31:30 UTC 2016

David Fifield:
> I wanted to know what exactly is different in the hardened series.
> The master..hardened-builds diff has many spurious changes and is not
> that clear:
> https://gitweb.torproject.org/builders/tor-browser-bundle.git/diff/?id=hardened-builds&id2=master
> The best I can tell, the differences are:
>  * ASan
>  * --enable-expensive-hardening for tor (enables -fsanitize=address,
>    -fsanitize=undefined, and -fno-omit-frame-pointer)
>  * selfrando

This is correct. Additionally, we compile the browser part with -fwrapv.
Note, selfrando is not in the alpha series available yet only in nightly
builds. This will change with the next release, though.

> tbb-dev mailing list
> tbb-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tbb-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20160628/52989206/attachment.sig>

More information about the tbb-dev mailing list