On 3 Feb 2017, at 08:57, teor teor2345@gmail.com wrote:
On 3 Feb 2017, at 08:52, Tom Ritter tom@ritter.vg wrote:
I guess what I'm trying to figure out is: if we aggressively move all hardening features we can into Alpha and then release; either the 'Hardened' version is really a Pre-Alpha (with ASAN for catching more bugs) or it's a Debug version. If it's pre-alpha, cool, let's make an alpha, beta, and release channel. If it's Debug, cool, it's Debug. =)
Core tor just made a similar change in master, expensive hardening is now:
--enable-fragile-hardening enable more fragile and expensive compiler hardening; makes Tor slower
Also, we added this wiki entry:
https://trac.torproject.org/projects/tor/wiki/doc/TorFragileHardening
This change was prompted by TROVE-2016-12-002:
https://trac.torproject.org/projects/tor/ticket/21018
T