Date: Thu, 1 Aug 2002 08:55:44 +0200 From: patpro <patpro@patpro.net> To: freebsd-security@freebsd.org Subject: Re: About the openssl hole Message-ID: <B365B37E-A51B-11D6-809A-0030654D97EC@patpro.net> In-Reply-To: <3D47402F.83B37CBA@pantherdragon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I currently have a FreeBSD server and provide services like apache/ssl, pop/ ssl, smtp/ssl... I don't have physical access to the box. If I just : - update openSSL port - recompile every port that use openSSL (openSSH, Apache+mod_ssl, ....) will I be safe from remote attack ? Is the make-world compulsory to guaranty security from outside the box, or is it just the way to guaranty the security from both inside and outside ? I'm not paranoid about local exploit, only 2 people have a shell on the box and they also have the root passwd (my partners). A remote make-world is not a manipulation I whould be happy to do :/ thanks, patpro To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B365B37E-A51B-11D6-809A-0030654D97EC>