Opened 17 months ago

Closed 14 months ago

Last modified 11 months ago

#23025 closed defect (fixed)

Flags to increase hardening on macOS

Reported by: arthuredelstein Owned by: arthuredelstein
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: TorBrowserTeam201710R, tbb-rbm, tbb-not-backported
Cc: Actual Points:
Parent ID: #21448 Points:
Reviewer: Sponsor:

Description

We can add the following flags to our Mac build for some extra protection:

-fstack-protector-strong
-D_FORTIFY_SOURCE=2
-Werror=format
-Werror=format-security

Child Tickets

Change History (9)

comment:1 Changed 17 months ago by arthuredelstein

Keywords: TorBrowserTeam201707R added; TorBrowserTeam201707 removed
Status: newneeds_review

Here's a patch for review. We can add these after the transition to rbm.

https://github.com/arthuredelstein/tor-browser-build/commit/23025

comment:2 Changed 17 months ago by gk

Keywords: TorBrowserTeam201708R added; TorBrowserTeam201707R removed

Moving review tickets to August.

comment:3 Changed 16 months ago by gk

Keywords: TorBrowserTeam201709R added; TorBrowserTeam201708R removed

Moving reviews to September.

comment:4 Changed 15 months ago by gk

Status: needs_reviewneeds_information

Hm. I am a bit hesitant using CPPFLAGS here as they are (strictly speaking) not preprocessor related. Would you mind putting the flags into something like HARDENING_FLAGS adding it as we add FLAGS?

comment:5 Changed 15 months ago by cypherpunks

Keywords: TorBrowserTeam201709 added; TorBrowserTeam201709R removed

-D_FORTIFY_SOURCE=2 too?
However, it may make sense while https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=653916.

-Werror=format-security is not always active, at least in GCC < 7: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79677.

comment:6 Changed 15 months ago by gk

Keywords: TorBrowserTeam201710 added; TorBrowserTeam201709 removed

Items for October 2017

comment:7 in reply to:  4 Changed 15 months ago by arthuredelstein

Keywords: TorBrowserTeam201710R added; TorBrowserTeam201710 removed
Status: needs_informationneeds_review

Replying to gk:

Hm. I am a bit hesitant using CPPFLAGS here as they are (strictly speaking) not preprocessor related. Would you mind putting the flags into something like HARDENING_FLAGS adding it as we add FLAGS?

You are right. Here's a new version.
https://github.com/arthuredelstein/tor-browser-build/commit/23025+1

comment:8 Changed 14 months ago by gk

Keywords: tbb-rbm tbb-backport added
Resolution: fixed
Status: needs_reviewclosed

Applied to master with commit 6d0193cd71a4969207d7813029722c48a64bb7de. I pushed a commit to tor-browser-52.4.0esr-7.5-1 as well to allow building just the Firefox part outside of rbm (commit cf8aaea952b4e83eead22b78a5221ff5783d8fab). This is needed until #23656 is fixed.

comment:9 Changed 11 months ago by gk

Keywords: tbb-not-backported added; tbb-backport removed

Not backported but will be available in 7.5.

Note: See TracTickets for help on using tickets.