Opened 7 years ago

Closed 5 years ago

#5024 closed enhancement (fixed)

compile time hardening of TBB (RELRO, canary, PIE)

Reported by: cypherpunks Owned by: erinn
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: tbb-security
Cc: gk, intrigeri Actual Points:
Parent ID: #10065 Points:
Reviewer: Sponsor:

Description

Would be nice if TBB (for Linux and OS X at least) would come with gcc hardening features applied.

Output of checksec.sh:

vidalia 3925 No RELRO No canary found NX enabled No PIE
tor 3933 No RELRO No canary found NX enabled No PIE
firefox 3935 No RELRO No canary found NX enabled No PIE

compared to bundled Firefox in Ubuntu:

firefox 8779 Full RELRO Canary found NX enabled PIE enabled

Child Tickets

Change History (15)

comment:1 Changed 7 years ago by Sebastian

Component: Tor BrowserTor bundles/installation
Owner: changed from mikeperry to erinn

comment:2 Changed 7 years ago by gk

Cc: g.koppen@… added

comment:3 Changed 7 years ago by ioerror

I agree - quite an important thing to do. See also bug #5210

comment:4 Changed 7 years ago by T(A)ILS developers

Cc: tails@… added

comment:5 Changed 7 years ago by arma

Summary: comile time hardening of TBB (RELRO, canary, PIE)compile time hardening of TBB (RELRO, canary, PIE)

comment:6 Changed 7 years ago by proper

Priority: normalmajor

Since Firefox is one of the most frequently used applications and therefore heavily targeted, I think this is important to have.

comment:7 Changed 7 years ago by proper

Shouldn't we split this one into separate tickets?

  • Tor already done #5210
  • Vidalia, are they aware of this ticket?
  • Tor Browser

comment:8 Changed 7 years ago by nextgens

I think it's important to have too; With TBB 2.2.39 there is still no hardening at all:

start-tor-brows 10499 No RELRO No canary found NX enabled No PIE

vidalia 10516 No RELRO No canary found NX enabled No PIE

tor 10519 No RELRO No canary found NX enabled No PIE

firefox 10522 No RELRO No canary found NX enabled No PIE

comment:9 Changed 7 years ago by erinn

I think we should break it up too, or at least create a ticket for Vidalia. For Firefox I think we will have to see about borrow Ubuntu/Debian's patch, but I don't even know which version of Firefox they are using and it is going to be tricky if the patch needs regular updating.

comment:10 Changed 5 years ago by erinn

Keywords: needs-triage added

comment:11 Changed 5 years ago by erinn

Component: Tor bundles/installationTor Browser
Keywords: needs-triage removed
Status: newassigned

comment:12 Changed 5 years ago by intrigeri

Cc: intrigeri added; tails@… removed

comment:13 Changed 5 years ago by gk

Cc: gk added; g.koppen@… removed
Keywords: tbb-security added

comment:14 Changed 5 years ago by mikeperry

Parent ID: #10065

comment:15 Changed 5 years ago by mikeperry

Resolution: fixed
Status: assignedclosed

This should be fixed in 3.6.5 and 4.0-alpha-2. We have at least partial RELRO support now.

We will open another bug for full RELRO support.

Note: See TracTickets for help on using tickets.