Opened 3 years ago

Closed 3 years ago

#22238 closed defect (fixed)

The firefox binary in Tor Browser 7.0a3 for Linux is not PIE

Reported by: boklm
Owned by: tbb-team
Priority: Medium
Milestone:
Component: Applications/Tor Browser
Version:
Severity: Normal
Keywords: tbb-security, tbb-hardened, TorBrowserTeam201705R
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

The firefox, plugin-container and updater binaries are not PIE.

We can fix that by adding ac_add_options --enable-pie to the mozconfig file.

Attachments (1)

0001-Bug-22238-make-the-firefox-binaries-PIE-on-Linux.patch (890 bytes) - added by boklm 3 years ago.

Change History (8)

comment:1 Changed 3 years ago by boklm

Keywords: TorBrowserTeam201705R added
Status: new → needs_review

I attached a patch adding ac_add_options --enable-pie. I checked in a build with rbm that it makes the firefox binary PIE.

comment:2 Changed 3 years ago by gk

Do you know what changed to make this necessary now? We did not change the compiler version and we still have export DEB_BUILD_HARDENING_PIE=1.

comment:3 Changed 3 years ago by gk

Resolution: fixed
Status: needs_review → closed

This is now commit b51157dc9a520a693c2fb27ab3213e3bdf1cb5f1 on tor-browser-52.1.0esr-7.0-2. Would still be nice to understand what made this change necessary.

comment:4 in reply to:  2 Changed 3 years ago by boklm

Resolution: fixed
Status: closed → reopened

Replying to gk:

Do you know what changed to make this necessary now? We did not change the compiler version and we still have export DEB_BUILD_HARDENING_PIE=1.

Good question. After looking at what changed, I suspect this might be caused by this commit:
https://hg.mozilla.org/mozilla-central/rev/f8cf0fe7c810

Before this commit, I think we were using c++ as the compiler, and after this commit g++ is being used.

In gitian/descriptors/linux/gitian-firefox.yml we are doing:

  mv gcc gcc.real
  mv c++ c++.real
  ln -sf hardened-cc gcc
  ln -sf hardened-cc c++

So we are using the hardened wrapper if the c++ command is used, but not if the g++ command is used.

So maybe a better fix would be to add a g++ -> hardened-cc symlink in gitian/descriptors/linux/gitian-firefox.yml.

comment:5 Changed 3 years ago by gk

Could you test that and provide a patch for the upcoming alpha?

comment:6 Changed 3 years ago by boklm

Status: reopened → needs_review

I pushed the branch bug_22238 adding a g++ -> hardened-cc symbolic link:
https://gitweb.torproject.org/user/boklm/tor-browser-bundle.git/commit/?h=bug_22238

I tried a similar change in rbm, without the --enable-pie option in mozconfig, and this fixed the problem.

comment:7 Changed 3 years ago by gk

Resolution: fixed
Status: needs_review → closed

Thanks, looks better. :) Merged to master (commit 48b68f84b34aef3567aeffe6932ff1e40d900f2b) and I backed out the patch on tor-browser-52.1.0esr-7.0-2 (commit c474e8a83bff73cff6a26aac945e110bc44846a0).