[CentOS] SSL CRIME
Markus Falb
markus.falb at fasel.at
Tue Sep 25 13:01:40 UTC 2012
On 24.9.2012 22:26, Albert McCann wrote:
>> -----Original Message-----
>> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On
>> Behalf Of Markus Falb
>> Sent: Monday, September 24, 2012 7:07 AM
>> To: centos at centos.org
>> Subject: [CentOS] SSL CRIME
>>
>> Hi,
>> Some of you have heard of CRIME, probably.
>>
>> from https://bugzilla.redhat.com/show_bug.cgi?id=857051
>>> Adding the following line to the /etc/sysconfig/httpd file:
>>>
>>> export OPENSSL_NO_DEFAULT_ZLIB=1
>>
>> But there are other services but http that use ssl and are vulnerable?
>> What is the optimal place for setting this environment variable system
>> wide?
>>
>> I tried to set it in
>> /etc/profile.d/CRIME.sh
>> /etc/bashrc
>> without success.
>
> What about placing it in the /etc/rc.d/rc.local file?
$ ls -l /etc/rc3.d/S99local
lrwxrwxrwx. 1 root root 11 18. Sep 09:08 /etc/rc3.d/S99local -> ../rc.local
It is too late, isn't it?
--
Kind Regards, Markus Falb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 304 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20120925/b9d63ad7/attachment.sig>
More information about the CentOS
mailing list