Add configure-flags to tor.

guix-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Add configure-flags to tor.

From:	contact . ng0
Subject:	Add configure-flags to tor.
Date:	Wed, 25 Jan 2017 09:31:06 +0000

This adds tor hardening flags.  Do you want me to document the flags in the 
package? I left it out since it's documented in the tor release itself.

Taken from ReleaseNotes:

'--enable-expensive-hardening'

   New --enable-expensive-hardening option to enable security
   hardening options that consume nontrivial amounts of CPU and
   memory. Right now, this includes AddressSanitizer and UbSan, which
   are supported in newer versions of GCC and Clang. Closes ticket
   11477.

'--enable-gcc-hardening'

  New "--enable-gcc-hardening" ./configure flag (off by default)
  to turn on gcc compile time hardening options. It ensures
  that signed ints have defined behavior (-fwrapv), enables
  -D_FORTIFY_SOURCE=2 (requiring -O2), adds stack smashing protection
  with canaries (-fstack-protector-all), turns on ASLR protection if
  supported by the kernel (-fPIE, -pie), and adds additional security
  related warnings. Verified to work on Mac OS X and Debian Lenny.

'--enable-linker-hardening'

  New "--enable-linker-hardening" ./configure flag (off by default)
  to turn on ELF specific hardening features (relro, now). This does
  not work with Mac OS X or any other non-ELF binary format.

[Prev in Thread]

Current Thread

[Next in Thread]

Add configure-flags to tor., contact . ng0 <=
- [PATCH] gnu: tor: Add hardening configure-flags., contact . ng0, 2017/01/25
  - Re: [PATCH] gnu: tor: Add hardening configure-flags., Leo Famulari, 2017/01/30
  - Re: [PATCH] gnu: tor: Add hardening configure-flags., Ludovic Courtès, 2017/01/30

Prev by Date: Re: [PATCH] gnu: Add emacs-mew.
Next by Date: [PATCH] gnu: tor: Add hardening configure-flags.
Previous by thread: [PATCH] gnu: Add stunnel.
Next by thread: [PATCH] gnu: tor: Add hardening configure-flags.
Index(es):
- Date
- Thread