[tor-dev] Analysis of ASan usage
maillist at kubieziel.de
Thu Feb 18 12:00:45 UTC 2016
oss-security lately had a posting with the title »Address Sanitizer
The author showed that building a suid binary with ASan enables local
root exploits. He also shows some other problems with this approach.
In his posting he mentions the Tor Browser and recommends to not use the
word »hardened«, because it is misleading.
Jens Kubieziel http://www.kubieziel.de
Vielleicht verdirbt Geld tatsächlich den Charakter. Auf keinen Fall aber macht
ein Mangel an Geld ihn besser. Jonathan Swift
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: Digital signature
More information about the tor-dev