On Thu, Apr 10, 2014 at 11:53 PM, <starlight.201...@binnacle.cx> wrote: > I updated the patch to > > 1) have AS close /proc > > 2) enable core dump files > > One should add > > /proc /chroot_tor/proc none noauto,bind 0 0 > > to /etc/fstab (note the 'noauto'). > Then the 'tor' startup script does a > > mount /chroot_tor/proc > ...start tor > sleep 10 > umount /chroot_tor/proc > > And it works like a charm. 'tor' starts > up with full AddressSanitizer monitoring > but with no pesky /proc file system > available to potential attackers. > > Attached are the patch and the > /etc/rc.d/init.d/tor
I'm sold on integrating AddressSanitizer into Tor as a compile-time option. I've got a ticket for doing so #11477 (https://trac.torproject.org/projects/tor/ticket/11477). I've uploaded your patch there, and am looking into how to better integrate it. If you could make sure that the code _I_ have successfully builds Tor with AddressSanitizer when you configure --enable-compiler-hardening, that would rock. (If you like sandboxes, and Linux, you might also like to try the seccomp2 sandbox code, once Tor 0.2.5.4-alpha is out. It's present in Tor 0.2.5.3-alpha, but it's kind of buggy.) Also, see bug #11232 (https://trac.torproject.org/projects/tor/ticket/11232) for the stuff I found running under AddressSanitizer and ubsan already. best wishes, -- Nick _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays