Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 29 Oct 2016 11:51:03 -0200
From: Daniel Simon <>
Subject: Re: [Proposal] A simple way to make Tor-Browser-Bundle more portable
 and secure

Anyone got further into this?
It would be a joint-project between musl and tor organizations.
Maybe for GSoC 2017 if nobody works on it until then?

On Mon, May 9, 2016 at 11:15 AM, Daniel Simon <> wrote:
> Hello.
> How it's currently done - The Tor Browser Bundle is dynamically linked
> against glibc.
> Security problem - The Tor Browser Bundle has the risk of information
> about the host system's library ecosystem leaking out onto the
> network.
> Portability problem - The Tor Browser Bundle can't be run on systems
> that don't use glibc, making it unusable due to different syscalls.
> Solution proposed - Static link the Tor Browser Bundle with musl
> libc.[1] It is a simple and fast libc implementation that was
> especially crafted for static linking. This would solve both security
> and portability issues.
> What is Tor developers' opinion about this? I personally don't see any
> drawbacks and would be interested in discussing this further.
> Sincerely,
> Daniel
> [1]

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.