[tor-bugs] #20955 [Applications/Tor Browser]: Tor Browser memory hardening
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 20 04:09:33 UTC 2017
#20955: Tor Browser memory hardening
--------------------------------------+--------------------------
Reporter: arthuredelstein | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: tbb-security | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by cypherpunks):
I'm a bit weary about using a memory allocator from a research paper.
There are alternatives that are actively developed and regularly used in
production systems, like OpenBSD malloc and Copperhead malloc. They also
do not come with the risk of the authors not maintaining the source as
they move on to another research project. Personally, I would very
strongly recommend the Copperhead malloc, as it's an improvement over even
the OpenBSD malloc in quite a few ways, and has some very interesting
hardening techniques planned for the future.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20955#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list