From mboxrd@z Thu Jan  1 00:00:00 1970
From: ng0 <contact.ng0@cryptolab.net>
Subject: tor package: reconsider --with-openbsd-malloc
Date: Sat, 8 Apr 2017 16:15:12 +0000
Message-ID: <20170408161512.ydlyuvp72q7i43lf@abyayala>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:41167)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <contact.ng0@cryptolab.net>) id 1cwt1F-0004Gc-78
	for guix-devel@gnu.org; Sat, 08 Apr 2017 12:15:22 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <contact.ng0@cryptolab.net>) id 1cwt1C-0007Wb-2K
	for guix-devel@gnu.org; Sat, 08 Apr 2017 12:15:21 -0400
Received: from fragranza.investici.org ([2a00:1dc0:2479::19]:60568)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <contact.ng0@cryptolab.net>)
	id 1cwt1B-0007WB-NM
	for guix-devel@gnu.org; Sat, 08 Apr 2017 12:15:17 -0400
Received: from [178.175.144.26] (fragranza [178.175.144.26]) (Authenticated
	sender: niasterisk@grrlz.net) by localhost (Postfix) with
	ESMTPSA id D7AD02C0145
	for <guix-devel@gnu.org>; Sat,  8 Apr 2017 16:15:14 +0000 (UTC)
Content-Disposition: inline
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: guix-devel@gnu.org

A while back I introduced the hardening flags to the tor package.

TGR wrote about an additional option, --with-openbsd-malloc, which can
be used[0].
Now I know that some (or only one?) of the settings I introduced will be
dropped again (after a long time) in one of the next releases of tor.

My "tor" process on clients in htop displays a constant 20.0T for the
virtual size, a resident size of around 525M, and in fact only 464(M?)
of the 20.0T are sharable.

If we would compile tor with openbsd malloc, we would have more cpu
load but apparently the process would be easier on the RAM. I would be
surprised if anyone is running a relay (non-exit, exit) with GuixSD or tor from Guix
already, but if you do and you can speak out about it without facing issues
for making it publicly known, your advice is welcome.
You can also contact me offlist, my keys can be found on
https://people.pragmatique.xyz/ng0/ or on the sks keyservers.

If no one replies within a sufficient timeframe of 4 weeks, I will go
ahead and create a patch for what TGR adviced back then.

Of course I'm also interested in the opion of those who just use it as a
client.

0: https://lists.gnu.org/archive/html/guix-devel/2017-01/msg02306.html