From owner-freebsd-security@FreeBSD.ORG  Fri May 15 15:22:15 2015
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 7038D636
 for <freebsd-security@freebsd.org>; Fri, 15 May 2015 15:22:15 +0000 (UTC)
Received: from mx5.roble.com (mx5.roble.com [206.40.34.5])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 5DF6B1A1B
 for <freebsd-security@freebsd.org>; Fri, 15 May 2015 15:22:14 +0000 (UTC)
Date: Fri, 15 May 2015 08:22:07 -0700 (PDT)
From: Roger Marquis <marquis@roble.com>
To: freebsd-security@freebsd.org
Subject: Re: Forums.FreeBSD.org - SSL Issue?
In-Reply-To: <1431697272.3528812.269632617.29548DB0@webmail.messagingengine.com>
References: <CACRVPYOALi-V8D34zeJTYdSwHshYrqtttqVV3=aP8Yb6ZAxfyg@mail.gmail.com>
 <2857899F-802E-4086-AD41-DD76FACD44FB@modirum.com>
 <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net>
 <20150514193706.V69409@sola.nimnet.asn.au>
 <F2460C80-969A-46DF-A44F-6C3D381ABDC3@patpro.net>
 <5554879D.7060601@obluda.cz>
 <1431697272.3528812.269632617.29548DB0@webmail.messagingengine.com>
User-Agent: Alpine 2.11 (BSF 23 2013-08-11)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; format=flowed; charset=US-ASCII
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 15 May 2015 15:22:15 -0000

Mark Felder wrote:
> In the future FreeBSD's base libraries like OpenSSL hopefully will be
> private: only the base system knows they exist; no other software will
> see them. This will mean that every port/package you install requiring
> OpenSSL will *always* use OpenSSL from ports/packages; no conflict is
> possible.

That's one way of approaching it but there are drawbacks to this method.
Maintaining two sets of binaries and libraries that must be kept separate
(using what kind of ACLs?) adds complexity.  Complexity is the enemy of
security.

Another option is a second openssl port, one that overwrites base and
guarantees compatibility with RELEASE.  Then we could at least have all
versions of openssl in vuln.xml (not that that's been a reliable
indicator of security of late).

Roger Marquis