[tor-bugs] #11477 [Tor]: Add an --enable-expensive-compiler-hardening option

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 16 00:35:32 UTC 2014


#11477: Add an --enable-expensive-compiler-hardening option
------------------------+--------------------------------
     Reporter:  nickm   |      Owner:
         Type:  defect  |     Status:  needs_review
     Priority:  normal  |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by nickm):

 I've attached a separate patch from starlight on tor-relays (see "running
 Tor relay live with AddressSanitizer") that redirects stdout and stderr
 instead of closing them, and which uses `__sanitizer_sandbox_on_notify()`
 to work well with chroot and other sandboxen.

 This should be conditional on AddressSanitizer being enabled. Perhaps
 `__sanitizer_sandbox_on_notify()` also needs to be integrated with our
 seccomp2 sandboxing. Needs testing.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11477#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
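
An added sketch of the two points raised in the comment above; it is not starlight's patch and not Tor code. AddressSanitizer writes its reports to stderr by default, so the sketch points a descriptor at a log file rather than closing it, and it calls `__sanitizer_sandbox_on_notify()` only when the build is ASan-instrumented. The helper names and the log path are hypothetical.

```c
/* Added example: helper names and the log path are hypothetical. */
#include <fcntl.h>
#include <unistd.h>

/* ASan detection: clang __has_feature, GCC __SANITIZE_ADDRESS__. */
#if defined(__has_feature)
#  if __has_feature(address_sanitizer)
#    define BUILT_WITH_ASAN 1
#  endif
#endif
#if !defined(BUILT_WITH_ASAN) && defined(__SANITIZE_ADDRESS__)
#  define BUILT_WITH_ASAN 1
#endif
#ifdef BUILT_WITH_ASAN
#  include <sanitizer/common_interface_defs.h>
#endif

/* Point descriptor fd at a log file instead of closing it, so later writes
 * to fd (for stderr: sanitizer reports) are kept. 0 on success, -1 on error. */
int redirect_fd_to_file(int fd, const char *path)
{
  int logfd = open(path, O_WRONLY | O_CREAT | O_APPEND, 0600);
  if (logfd < 0)
    return -1;
  if (logfd == fd)          /* fd was closed and open() reused its number */
    return 0;
  int rc = dup2(logfd, fd);
  close(logfd);
  return rc < 0 ? -1 : 0;
}

/* Call once before chroot() or a syscall filter takes effect. Returns 1 if
 * the sanitizer runtime was notified, 0 when this is not an ASan build. */
int prepare_sanitizer_for_sandbox(void)
{
#ifdef BUILT_WITH_ASAN
  __sanitizer_sandbox_on_notify(NULL);
  return 1;
#else
  return 0;
#endif
}

int main(void)
{
  int rc = redirect_fd_to_file(STDERR_FILENO, "asan-report.log");
  prepare_sanitizer_for_sandbox();
  return rc < 0;
}
```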

