| 1 |
On 04/14/2014 10:48 AM, Tiziano Müller wrote: |
| 2 |
> Am 13.04.2014 22:42, schrieb Joshua Kinard: |
| 3 |
>> So one of the side-discussions happening after Heartbleed was the fact that |
| 4 |
>> OpenSSL has its own memory allocator code that effectively mitigates any C |
| 5 |
>> library-provided exploit mitigations (as discussed on the openbsd-misc ML at |
| 6 |
>> [1] and Ted Unangst's blogs at [2] and [3]). This is partially why there's |
| 7 |
>> so much "interesting" data to be sniffed from a server's memory via the |
| 8 |
>> heartbleed response packets -- that memory wasn't really initialized to |
| 9 |
>> random data or zero'd upon malloc(), nor garbage-collected upon free(). |
| 10 |
>> |
| 11 |
>> Taking place over on the openssl-users ML, someone from Akamai posted a new |
| 12 |
>> secure memory allocator patch[4][5] that they have been using in production |
| 13 |
>> for about a decade. That patch was cleaned up, diff'ed against |
| 14 |
>> openssl-1.0.1g, and posted to openssl-dev here: |
| 15 |
>> https://marc.info/?l=openssl-dev&m=139733477712798&q=p5 |
| 16 |
>> |
| 17 |
>> It basically provides a secure memory area protected by guard pages for |
| 18 |
>> sensitive data, like RSA private keys, so that if another Heartbleed-like |
| 19 |
>> event occurs, things won't be as bad. Hopefully... |
| 20 |
>> |
| 21 |
>> Is this something we want to look at adding to our openssl copy via an |
| 22 |
>> optional USE flag (default off)? |
| 23 |
> |
| 24 |
> Not really, no. I would rather wait until other people have reviewed |
| 25 |
> and/or it has been pulled into openssl. |
| 26 |
> |
| 27 |
|
| 28 |
And for the same reason I'd like to see that the hpn USE flag in the |
| 29 |
package openssh would have the default value "off" |
| 30 |
(recent discussion at the mailing list around 3/29) |
| 31 |
|
| 32 |
|
| 33 |
> To cite the Akamai dev who posted the patch [1]: |
| 34 |
> "Let me restate that: *do not just take this patch and put it into |
| 35 |
> production without careful review.*" |
| 36 |
> |
| 37 |
> Best, |
| 38 |
> Tiziano |
| 39 |
> |
| 40 |
> [1] http://thread.gmane.org/gmane.comp.encryption.openssl.user/51243?resub=1 |
| 41 |
> |
| 42 |
> |
| 43 |
|
| 44 |
|
| 45 |
-- |
| 46 |
Toralf |
Archives