[tor-bugs] #21011 [Applications/Tor Browser Sandbox]: Disable JavaScript JIT
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Dec 20 09:13:07 UTC 2016
#21011: Disable JavaScript JIT
----------------------------------------------+-------------------------
Reporter: cypherpunks | Owner: yawning
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: sandbox-security | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by cypherpunks):
Replying to [comment:12 yawning]:
> Replying to [comment:10 cypherpunks]:
> > Unless my understanding of how Firefox deals with OpenBSD's W!^X
protections are totally off, then it seems to me like it would not play
nicely with PAX_MPROTECT.
>
> Yeah I was wrong sorry. The stupid package for my distribution sets a
bunch of flags.
Well shit... But isn't there some patch which OpenBSD (and iOS) uses which
disables RWX pages entirely? I bet that could be implemented via an
`LD_PRELOAD` hook so this can work on grsec, unless that patch was the one
for FF46.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21011#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list