[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Another openssl advisory: Tor seems not to be affected (Chroot?)

On 19 April 2012 11:50, Fabio Pietrosanti (naif) <lists@xxxxxxxxxxxxxxx> wrote:
> Apache does it with Mod_Security:
> http://www.modsecurity.org/documentation/apache-internal-chroot.html
> ProFTPD does it with DefaultRoot:
> http://www.proftpd.org/docs/directives/linked/config_ref_DefaultRoot.html

To add another data point, Colin Percival has blogged about how he
terminates SSL connections in a jail to mitigate this risk.

tor-talk mailing list