#22660: Guard against stack smashing attacks in tor -------------------------------------------------+------------------------- Reporter: teor | Owner: nickm Type: defect | Status: | needs_review Priority: Medium | Milestone: Tor: | 0.3.2.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor-hardening, security | Actual Points: 029-backport 030-backport 031-backport | Parent ID: | Points: 0.5 Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by teor): Replying to [comment:2 nickm]: > We already have -fstack-protector-all, but I guess it doesn't include this? > > Also, we should never be installed SUID, yeah? tor relays often launch tor as root, but I don't know of any common setups that allow a local unprivileged user to influence its torrc. I'd be more worried about network attacks based on research like this: the researchers couldn't rule them out. > When I try to build with this, I get many `/usr/bin/ld: warning: -z noexecheap ignored.` warnings. I don't know if that's something I should be concerned about. I wonder if your linker supports noexecheap? -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22660#comment:4> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs