Hi, I have a couple of ideas to harden curl's code because my project (a Tor-centric anonymity distro: Whonix Project) uses it in a security-sensitive context.

1. Can you please make curl take advantage of seccomp? It's a kernel syscall filter that greatly restricts what a misbehaving program can do if it's remotely exploited.

2. If your time permits, maybe create and maintain an AppArmor profile for curl in Debian. Profiles for SELinux are welcome as well, but I'm mentioning AppArmor because it's predominantly used in Debian (our base).

3. This security tip is not related to curl itself, but in a post-Snowden age it would make sense if you provide a GPG fingerprint for the security bug email account so researchers could contact you about bugs confidentially without a government sniffing this sensitive information before a fix is available.

4. Compile-time hardening is probably only relevant to Debian package maintainers, but I'll mention it here if that's OK. The checksec script reports that only partial RELRO is supported and PIE hardening isn't enabled at all. I am discussing this with the maintainer. If needed, can you please consider making the necessary changes to curl to support all hardening flags?

Thanks.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
