arti: Add support for process hardening
This is a compile-time feature with an associated configuration flag, both enabled by default.
When it's turned on, hardening prevents the arti process from
dumping core or being attached to by low-privileged processes.
(This is a defense-in-depth measure, not an absolute way to prevent
attacks. For more information, see secmem_proc.)
Closes #364 (closed).
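
An added illustration (not code from this commit, arti, or secmem_proc) of how a Linux process can apply the two restrictions described above to itself and then confirm they took effect. The Linux-only mechanism and the function names `harden_process` and `is_hardened` are assumptions of this example; the page does not say which calls secmem_proc makes.

```c
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/resource.h>

/* Hypothetical helper: apply both restrictions to the calling process.
 * Returns 0 on success, -1 on the first failure (errno is set). */
int harden_process(void)
{
    struct rlimit no_core = { .rlim_cur = 0, .rlim_max = 0 };

    /* Soft and hard core-size limit of 0. Lowering the hard limit is
     * one-way for an unprivileged process. */
    if (setrlimit(RLIMIT_CORE, &no_core) != 0)
        return -1;

    /* Clear the "dumpable" attribute: the kernel writes no core file for
     * this process, and a ptrace attach is refused unless the caller
     * holds CAP_SYS_PTRACE. */
    if (prctl(PR_SET_DUMPABLE, 0, 0, 0, 0) != 0)
        return -1;

    return 0;
}

/* Hypothetical helper: 1 if both restrictions are in effect, 0 if not,
 * -1 if the state could not be queried. */
int is_hardened(void)
{
    struct rlimit cur;
    int dumpable = prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);

    if (dumpable < 0 || getrlimit(RLIMIT_CORE, &cur) != 0)
        return -1;
    return dumpable == 0 && cur.rlim_cur == 0 && cur.rlim_max == 0;
}

int main(void)
{
    if (harden_process() != 0) {
        perror("harden_process");
        return 1;
    }
    printf("hardened: %d\n", is_hardened());
    return 0;
}
```

A process holding CAP_SYS_PTRACE, such as one running as root, can still attach, which matches the defense-in-depth framing in the commit message.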