On 24.9.2012 22:26, Albert McCann wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Markus Falb Sent: Monday, September 24, 2012 7:07 AM To: centos@centos.org Subject: [CentOS] SSL CRIME
Hi, Some of you have heard of CRIME, probably.
from https://bugzilla.redhat.com/show_bug.cgi?id=857051
Adding the following line to the /etc/sysconfig/httpd file:
export OPENSSL_NO_DEFAULT_ZLIB=1
But there are other services but http that use ssl and are vulnerable? What is the optimal place for setting this environment variable system wide?
I tried to set it in /etc/profile.d/CRIME.sh /etc/bashrc without success.
What about placing it in the /etc/rc.d/rc.local file?
$ ls -l /etc/rc3.d/S99local lrwxrwxrwx. 1 root root 11 18. Sep 09:08 /etc/rc3.d/S99local -> ../rc.local
It is too late, isn't it?