From: Nathan Dorfman
To: Dag-Erling Smørgrav
Date: Wed, 9 Apr 2014 15:44:53 -0400
Subject: Re: Proposal
Cc: freebsd-security@freebsd.org, Kimmo Paasiala, Walter Hop, Pawel Biernacki

First, the (unfortunately) necessary disclaimer: this is an honest question to satisfy my curiosity, nothing more. Absolutely no criticism of anyone is intended.

Is it implausible to suggest that before embarking on the task of backporting, reviewing, testing and releasing the actual fix, an announcement could have been made immediately with the much simpler workaround of adding -DOPENSSL_NO_HEARTBEATS to the OpenSSL compiler flags?

Given the severity of the issue, it doesn't seem that an immediate advisory stating "here's an immediate workaround, a full fix will be coming in the next day or two" would be terribly inappropriate. Perhaps this workaround would have required more testing than I imagine, but surely it'd be a tiny fraction of the time required to release the full fix?

While I'm out here drawing fire, I might as well also ask if I'm crazy to think that it might be a good idea for the base system OpenSSL (and other third party imports) to just disable any and all non-essential functionality that can be disabled at compile time? Non-essential meaning everything not required for the base system to function -- there's always the ports version if anyone needs more.

Thanks for your thoughts, and of course, your ongoing efforts. They are much appreciated.

-nd.