On Oct 29, 2016 12:52 PM, "Yawning Angel" yawning@schwanenlied.me wrote:
> On Sat, 29 Oct 2016 11:51:03 -0200 Daniel Simon ddanielsimonn@gmail.com wrote:
>> Solution proposed: statically link the Tor Browser Bundle with musl libc.[1] It is a simple and fast libc implementation that was especially crafted for static linking. This would solve both security and portability issues.
> This adds a new security issue of "of all the things that should have ASLR, it should be libc, and it was at one point, but we started statically linking it for some stupid reason".
If this is accurate, that statically linking will enable pre-built ROP chains because libc is at a predictable memory address, then I would strongly oppose it for this reason alone.
It would be a major step backwards in security.
-tom
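The concern in the thread is that once libc is linked into the executable, its code lives wherever the executable image lives, so the build must not lose the loader's ability to randomise that image. The following check is an added example, not code from the thread or from the Tor Browser project: it parses the ELF header and program headers of a binary to report whether the image is position-independent (ET_DYN, which the loader places at a random base under ASLR) or fixed-address (ET_EXEC), and whether it is statically linked (no PT_INTERP header naming a dynamic loader). The `build_sample_elf` helper constructs a minimal header-only ELF64 image so the check runs offline; it is constructed sample input, not a real binary.

```python
"""Classify an ELF executable by ASLR-relevant layout.

Added example: reads e_type (position-independent or fixed-address) and looks
for a PT_INTERP program header (dynamic loader requested or not). Together
these say whether a libc linked into the image can still be randomised.
"""
import struct

# Constants from the ELF specification.
ET_EXEC = 2      # fixed-address executable
ET_DYN = 3       # position-independent executable (or shared object)
PT_LOAD = 1      # loadable segment
PT_INTERP = 3    # path of the dynamic loader; absent in static binaries


def inspect_elf(data: bytes) -> dict:
    """Return {'position_independent': bool, 'static': bool} for an ELF image."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    endian = "<" if data[5] == 1 else ">"          # EI_DATA: 1 = little-endian
    if data[4] == 2:                                # EI_CLASS: 2 = ELF64
        e_type, = struct.unpack_from(endian + "H", data, 16)
        e_phoff, = struct.unpack_from(endian + "Q", data, 32)
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 54)
    elif data[4] == 1:                              # EI_CLASS: 1 = ELF32
        e_type, = struct.unpack_from(endian + "H", data, 16)
        e_phoff, = struct.unpack_from(endian + "I", data, 28)
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 42)
    else:
        raise ValueError("unknown ELF class")
    # p_type is the first 4 bytes of every program header in both classes.
    has_interp = False
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 4 > len(data):
            raise ValueError("truncated program header table")
        p_type, = struct.unpack_from(endian + "I", data, off)
        if p_type == PT_INTERP:
            has_interp = True
    return {"position_independent": e_type == ET_DYN, "static": not has_interp}


def describe(info: dict) -> str:
    """Plain-language verdict on where libc ends up at run time."""
    if info["static"] and not info["position_independent"]:
        return "static, fixed-address: libc is baked in and loads at a known address"
    if info["static"]:
        return "static PIE: libc is baked in, but the whole image gets a random base"
    if info["position_independent"]:
        return "dynamic PIE: executable and shared libc are both randomised"
    return "dynamic, fixed-address executable: libc.so is still randomised by the loader"


def build_sample_elf(e_type: int, with_interp: bool) -> bytes:
    """Constructed sample: minimal little-endian ELF64 header plus program
    headers (no code), just enough for inspect_elf to classify it."""
    phentsize, phoff = 56, 64
    ptypes = [PT_LOAD] + ([PT_INTERP] if with_interp else [])
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    header = ident + struct.pack(
        "<HHIQQQIHHHHHH",
        e_type, 62, 1, 0x401000, phoff, 0, 0, 64, phentsize, len(ptypes), 64, 0, 0)
    phdrs = b"".join(
        struct.pack("<IIQQQQQQ", t, 5, 0, 0, 0, 0, 0, 0x1000) for t in ptypes)
    return header + phdrs


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:                           # real binary given on the command line
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:                                           # fall back to the constructed sample
        data = build_sample_elf(ET_EXEC, with_interp=False)
    print(describe(inspect_elf(data)))
```

Run it against a build artefact (`python inspect_elf.py /path/to/firefox`) as a release gate: a result of "static, fixed-address" is exactly the layout the thread objects to, since every libc routine then sits at an address fixed at link time rather than one chosen by the loader.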