[tor-bugs] #22361 [Applications/Tor Browser]: Some binaries are missing RELRO in latest linux nightly builds
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 24 10:56:54 UTC 2017
#22361: Some binaries are missing RELRO in latest linux nightly builds
-------------------------------------+-------------------------------------
Reporter: boklm | Owner: boklm
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords: TorBrowserTeam201705,
Severity: Normal | tbb-7.0-must
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
In the latest nightly builds, the following binaries are missing RELRO:
{{{
TorBrowser/Tor/libcrypto.so.1.0.0
TorBrowser/Tor/libevent-2.0.so.5
TorBrowser/Tor/libgmp.so.10
TorBrowser/Tor/libssl.so.1.0.0
}}}
When integrating Selfrando (#20683), we added our build of gcc and binutil
to the PATH, to use them for building elfutils and selfrando. However, our
gcc and binutils are now also used for the following builds that are done
in `gitian/descriptors/linux/gitian-utils.yml`. This also means that the
hardening wrappers are not used anymore.
To fix that, we can either:
- reset the PATH and LD_LIBRARY_PATH to their previous value after
building selfrando, to keep using the system compiler (and the hardened
wrapper) for the other components
- use our gcc build to build the other components, but copy hardened-cc to
our gcc build directory, in the same way that we are doing in
`gitian/descriptors/linux/gitian-firefox.yml`, to make sure we are using
the hardening wrapper
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22361>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list