On 04/14/2014 10:48 AM, Tiziano Müller wrote:
> On 13.04.2014 22:42, Joshua Kinard wrote:
>> So one of the side-discussions happening after Heartbleed was the fact that
>> OpenSSL has its own memory allocator code that effectively mitigates any C
>> library-provided exploit mitigations (as discussed on the openbsd-misc ML at
>> [1] and Ted Unangst's blogs at [2] and [3]). This is partially why there's
>> so much "interesting" data to be sniffed from a server's memory via the
>> heartbleed response packets -- that memory wasn't really initialized to
>> random data or zeroed upon malloc(), nor garbage-collected upon free().
>>
>> Taking place over on the openssl-users ML, someone from Akamai posted a new
>> secure memory allocator patch[4][5] that they have been using in production
>> for about a decade. That patch was cleaned up, diffed against
>> openssl-1.0.1g, and posted to openssl-dev here:
>> https://marc.info/?l=openssl-dev&m=139733477712798&q=p5
>>
>> It basically provides a secure memory area protected by guard pages for
>> sensitive data, like RSA private keys, so that if another Heartbleed-like
>> event occurs, things won't be as bad. Hopefully...
>>
>> Is this something we want to look at adding to our openssl copy via an
>> optional USE flag (default off)?
>
> Not really, no. I would rather wait until other people have reviewed
> and/or it has been pulled into openssl.
>

And for the same reason I'd like the hpn USE flag in the openssh package
to have the default value "off"
(recent discussion at the mailing list around 3/29)


> To cite the Akamai dev who posted the patch [1]:
> "Let me restate that: *do not just take this patch and put it into
> production without careful review.*"
>
> Best,
> Tiziano
>
> [1] http://thread.gmane.org/gmane.comp.encryption.openssl.user/51243?resub=1
>
>


--
Toralf
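To make the mechanism under discussion concrete (a "secure memory area protected by guard pages for sensitive data"), here is an added example of the technique written for this page. It is not the Akamai patch, not OpenSSL code, and not an endorsement of either; it is an illustration of what such an allocator has to do. The names secure_alloc, secure_free, secure_usable_size, secure_is_locked and guard_page_traps are this example's own. It assumes a POSIX system with mmap/mprotect/mlock (Linux or a BSD); MADV_DONTDUMP is used only where the platform defines it.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Bookkeeping stored immediately below the caller's buffer (inside the data pages). */
struct sec_hdr {
    unsigned char *base;  /* start of the whole mapping (the leading guard page) */
    size_t map_len;       /* mapping length, both guard pages included */
    size_t user_len;      /* bytes handed to the caller */
    int locked;           /* 1 if mlock() succeeded, 0 if it failed (best effort) */
};

static size_t page_size(void) {
    long ps = sysconf(_SC_PAGESIZE);
    return ps > 0 ? (size_t)ps : 4096;
}

/* Layout: [PROT_NONE guard][data pages: ... hdr | user bytes][PROT_NONE guard]
 * The user buffer sits at the very end of the data pages (16-byte aligned), so a
 * forward overrun or over-read reaches the trailing guard within at most 15 bytes,
 * and nothing from the ordinary heap is adjacent to the secret on either side. */
void *secure_alloc(size_t len) {
    size_t ps = page_size();
    size_t aligned = (len + 15) & ~(size_t)15;
    size_t data_len = (aligned + sizeof(struct sec_hdr) + ps - 1) & ~(ps - 1);
    size_t map_len = data_len + 2 * ps;

    unsigned char *base = mmap(NULL, map_len, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (base == MAP_FAILED) return NULL;

    /* Both guards become inaccessible: any touch raises SIGSEGV (SIGBUS on some BSDs). */
    if (mprotect(base, ps, PROT_NONE) != 0 ||
        mprotect(base + ps + data_len, ps, PROT_NONE) != 0) {
        munmap(base, map_len);
        return NULL;
    }

    unsigned char *user = base + ps + data_len - aligned;
    struct sec_hdr *h = (struct sec_hdr *)user - 1;
    h->base = base;
    h->map_len = map_len;
    h->user_len = len;
    /* Keep key material off swap; this can fail under RLIMIT_MEMLOCK, so record it. */
    h->locked = (mlock(base + ps, data_len) == 0);
#ifdef MADV_DONTDUMP
    madvise(base + ps, data_len, MADV_DONTDUMP);   /* and keep it out of core dumps */
#endif
    return user;
}

size_t secure_usable_size(const void *p) { return ((const struct sec_hdr *)p - 1)->user_len; }
int secure_is_locked(const void *p) { return ((const struct sec_hdr *)p - 1)->locked; }

/* Zero through a volatile pointer so the compiler cannot drop the wipe as dead stores. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Wipe, then unmap: the contents never go back to the general heap. */
void secure_free(void *p) {
    if (!p) return;
    struct sec_hdr *h = (struct sec_hdr *)p - 1;
    unsigned char *base = h->base;
    size_t map_len = h->map_len;
    secure_wipe(p, h->user_len);
    secure_wipe(h, sizeof *h);
    munmap(base, map_len);   /* munmap also releases the mlock on these pages */
}

static sigjmp_buf trap_env;
static void on_fault(int sig) { (void)sig; siglongjmp(trap_env, 1); }

/* Returns 1 if reading the first byte of the trailing guard page faults (the guard
 * works), 0 if the read silently succeeds. This is the check an over-read would hit. */
int guard_page_traps(const void *p) {
    const struct sec_hdr *h = (const struct sec_hdr *)p - 1;
    const volatile unsigned char *guard = h->base + h->map_len - page_size();
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER;
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    int trapped;
    if (sigsetjmp(trap_env, 1) == 0) {
        unsigned char c = *guard;   /* volatile read: must really touch the page */
        (void)c;
        trapped = 0;
    } else {
        trapped = 1;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return trapped;
}

int main(void) {
    unsigned char *key = secure_alloc(32);   /* stands in for an RSA private key */
    if (!key) { perror("secure_alloc"); return 1; }
    memset(key, 0x42, 32);
    printf("buffer at %p, mlock %s, trailing guard traps: %d\n", (void *)key,
           secure_is_locked(key) ? "ok" : "failed (RLIMIT_MEMLOCK?)", guard_page_traps(key));
    secure_free(key);
    return 0;
}
```

The two properties that matter for a Heartbleed-style over-read are visible here: the secret is never adjacent to ordinary heap data, and walking past its end faults instead of returning bytes. What the example does not give you is what the Akamai author's warning is about: every caller that frees a secret buffer has to use the matching free, the mlock budget is small and easily exhausted with one mapping per key, and a page pair per allocation is far more expensive than a bump allocator, which is exactly the kind of trade-off that needs review before it goes into production.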