[tor-relays] running Tor relay live with AddressSanitizer
starlight.2014q2 at binnacle.cx
starlight.2014q2 at binnacle.cx
Fri Apr 11 03:53:48 UTC 2014
I updated the patch to
1) have AS close /proc
2) enable core dump files
One should add
/proc /chroot_tor/proc none noauto,bind 0 0
to /etc/fstab (note the 'noauto').
Then the 'tor' startup script does a
mount /chroot_tor/proc
...start tor
sleep 10
umount /chroot_tor/proc
And it works like a charm. 'tor' starts
up with full AddressSanitizer monitoring
but with no pesky /proc file system
available to potential attackers.
Attached are the patch and the
/etc/rc.d/init.d/tor
startup script.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tor-0.2.4.21-as.patch
Type: application/octet-stream
Size: 2613 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140410/f7c59fc6/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tor
Type: application/octet-stream
Size: 1192 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140410/f7c59fc6/attachment-0001.obj>
More information about the tor-relays
mailing list