[CentOS] SSL CRIME

Markus Falb markus.falb at fasel.at
Tue Sep 25 09:01:40 EDT 2012


On 24.9.2012 22:26, Albert McCann wrote:
>> -----Original Message-----
>> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
>> Behalf Of Markus Falb
>> Sent: Monday, September 24, 2012 7:07 AM
>> To: centos at centos.org
>> Subject: [CentOS] SSL CRIME
>>
>> Hi,
>> Some of you have heard of CRIME, probably.
>>
>> from https://bugzilla.redhat.com/show_bug.cgi?id=857051
>>> Adding the following line to the /etc/sysconfig/httpd file:
>>>
>>>   export OPENSSL_NO_DEFAULT_ZLIB=1
>>
>> But there are other services but http that use ssl and are vulnerable?
>> What is the optimal place for setting this environment variable system
>> wide?
>>
>> I tried to set it in
>> /etc/profile.d/CRIME.sh
>> /etc/bashrc
>> without success.
> 
> What about placing it in the /etc/rc.d/rc.local file?

$  ls -l /etc/rc3.d/S99local
lrwxrwxrwx. 1 root root 11 18. Sep 09:08 /etc/rc3.d/S99local -> ../rc.local

It is too late, isn't it?
-- 
Kind Regards, Markus Falb

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 304 bytes
Desc: OpenPGP digital signature
Url : http://lists.centos.org/pipermail/centos/attachments/20120925/b9d63ad7/attachment.bin 


More information about the CentOS mailing list