Tor hardening at compile time
Jacob Appelbaum
jacob at appelbaum.net
Sat May 8 14:09:55 UTC 2010
andrew at torproject.org wrote:
> On Fri, May 07, 2010 at 03:15:07PM +0200, jacob at appelbaum.net wrote 6.0K bytes in 166 lines about:
> : You can use it like so:
> : ./autogen.sh && ./configure --enable-gcc-warnings --enable-gcc-hardening
> : --enable-linker-hardening && make && sudo make install
>
> Here are the results from OSX 10.5 build machine:
>
> CFLAGS="-O -g -mmacosx-version-min=10.4 -isysroot
> /Developer/SDKs/MacOSX10.4u.sdk -arch i386"
> LDFLAGS="-Wl,-syslibroot,/Developer/SDKs/MacOSX10.4u.sdk"
> CONFDIR=/Library/Tor ./configure --prefix=/Library/Tor
> --bindir=/Library/Tor --sysconfdir=/Library
> --disable-dependency-tracking gcc="4.0" --enable-gcc-warnings
> --enable-gcc-hardening --enable-linker-hardening
>
> configure: error: C compiler cannot create executables
>
> attached is the config.log
>
Hi Andrew,
Thanks for your testing.
Can you try that again but this time without '--enable-linker-hardening'
in your ./configure configuring? We can't support linker hardening for
ELF and Mac OS X uses the Mach-O binary format.
Try to do the following configure command?
CFLAGS="-O -g -mmacosx-version-min=10.4 -isysroot
/Developer/SDKs/MacOSX10.4u.sdk -arch i386"
LDFLAGS="-Wl,-syslibroot,/Developer/SDKs/MacOSX10.4u.sdk"
CONFDIR=/Library/Tor ./configure --prefix=/Library/Tor
--bindir=/Library/Tor --sysconfdir=/Library
--disable-dependency-tracking gcc="4.0" --enable-gcc-warnings
--enable-gcc-hardening
All the best,
Jacob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 793 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20100508/dbb490ed/attachment.pgp>
More information about the tor-dev
mailing list