[tor-bugs] #20976 [Applications/Tor Browser Sandbox]: Official `sandboxed-tor-browser` binaries break with PaX MPROTECT.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Dec 20 07:02:33 UTC 2016
#20976: Official `sandboxed-tor-browser` binaries break with PaX MPROTECT.
----------------------------------------------+-------------------------
Reporter: yawning | Owner: yawning
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by cypherpunks):
Do you have any more information about the crash? What library shows a
denied RWX mmap in the kernel log? What do the logs from `strace -fe
trace=memory,process` say?
I really doubt it has anything to do with a deterministic build setup. The
only things `PAX_MPROTECT` does are:
* Prevents creation of RWX mappings
* Prevents creation of RX anonymous mappings
* Prevents making a non-executable mapping executable
* Prevents making an RX mapping writable with the exception of performing
relocations on a non-PIC library
Deterministic shouldn't change the behavior of Firefox itself in a way
that would violate any of these. My guess is you're linking in a library
which for some reason tries to create an RWX mapping. But given that the
current ESR breaks due to creating RWX mappings for JIT, I haven't even
played with it myself.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20976#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list