Some binaries are missing RELRO in latest linux nightly builds
In the latest nightly builds, the following binaries are missing RELRO:
TorBrowser/Tor/libcrypto.so.1.0.0
TorBrowser/Tor/libevent-2.0.so.5
TorBrowser/Tor/libgmp.so.10
TorBrowser/Tor/libssl.so.1.0.0
When integrating Selfrando (legacy/trac#20683 (moved)), we added our build of gcc and binutil to the PATH, to use them for building elfutils and selfrando. However, our gcc and binutils are now also used for the following builds that are done in gitian/descriptors/linux/gitian-utils.yml
. This also means that the hardening wrappers are not used anymore.
To fix that, we can either:
- reset the PATH and LD_LIBRARY_PATH to their previous value after building selfrando, to keep using the system compiler (and the hardened wrapper) for the other components
- use our gcc build to build the other components, but copy hardened-cc to our gcc build directory, in the same way that we are doing in
gitian/descriptors/linux/gitian-firefox.yml
, to make sure we are using the hardening wrapper