From owner-freebsd-security@FreeBSD.ORG Fri May 15 16:02:48 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 040FCB34 for ; Fri, 15 May 2015 16:02:48 +0000 (UTC) Received: from out4-smtp.messagingengine.com (out4-smtp.messagingengine.com [66.111.4.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C90061EEA for ; Fri, 15 May 2015 16:02:47 +0000 (UTC) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 825B3208E3 for ; Fri, 15 May 2015 12:02:46 -0400 (EDT) Received: from web3 ([10.202.2.213]) by compute4.internal (MEProxy); Fri, 15 May 2015 12:02:46 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-sasl-enc:x-sasl-enc; s=smtpout; bh=EPd6/1KXgL2PPQV TqpCyLz5ZH0k=; b=HIRupS9hX1O1PRgcWQUyrsWbEMQsx4o2xPn2lFlcCEO/QoT wCQ5sfpUokBgoYPCO6s7zAi4ci+TjBkPZeBYXhJnAOVAjd4EkvGzv4vsJ3XwZoYX 2HoQwJlL/yQA62XkqFMy55GgZc7ajIPt+n2gsL908L06GgNje5QVnYWuZ8GE= Received: by web3.nyi.internal (Postfix, from userid 99) id 637E11071B8; Fri, 15 May 2015 12:02:46 -0400 (EDT) Message-Id: <1431705766.3563083.269738569.0FA82C3E@webmail.messagingengine.com> X-Sasl-Enc: ecYoY6eY2XnoLyxfRbFiXZpNyMroMgRwMDjrxwBsi30T 1431705766 From: Mark Felder To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-e7ca9928 Subject: Re: Forums.FreeBSD.org - SSL Issue? Date: Fri, 15 May 2015 11:02:46 -0500 In-Reply-To: <20150515152220.C0CC7689@hub.freebsd.org> References: <2857899F-802E-4086-AD41-DD76FACD44FB@modirum.com> <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net> <20150514193706.V69409@sola.nimnet.asn.au> <5554879D.7060601@obluda.cz> <1431697272.3528812.269632617.29548DB0@webmail.messagingengine.com> <20150515152220.C0CC7689@hub.freebsd.org> X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 May 2015 16:02:48 -0000 On Fri, May 15, 2015, at 10:22, Roger Marquis wrote: > Mark Felder wrote: > > In the future FreeBSD's base libraries like OpenSSL hopefully will be > > private: only the base system knows they exist; no other software will > > see them. This will mean that every port/package you install requiring > > OpenSSL will *always* use OpenSSL from ports/packages; no conflict is > > possible. > > That's one way of approaching it but there are drawbacks to this method. > Maintaining two sets of binaries and libraries that must be kept separate > (using what kind of ACLs?) adds complexity. Complexity is the enemy of > security. > It should be less complex than you're thinking. It's literally just libraries outside the linker search path. > Another option is a second openssl port, one that overwrites base and > guarantees compatibility with RELEASE. Then we could at least have all > versions of openssl in vuln.xml (not that that's been a reliable > indicator of security of late). > This will never work. You can't guarantee compatibility with RELEASE and upgrade it too.