内存保护是否可以保护服务器免受恶意攻击? [英] Does memory protection protect servers from the heartbleed exploit?

问题描述

我知道，heartbleed-bug允许远程攻击者从您的计算机读取内存.内存保护可以缓解这种情况吗?

I understand that the heartbleed-bug allows a remote attacker to read memory from your machine. Is this mitigated by memory protection?

例如，如果我有一个面向公众的https网络服务器，那么显然任何网络服务器的流量和数据都会受到损害，所有通过使用通过网络服务器发送的凭据访问的信息都将受到损害.但是，同一盒子上的其他进程又如何呢?如果我是从控制台本地运行bash，那么距离ssl远吗?

For example, if I have a public-facing https webserver, any webserver traffic and data is obviously compromised, as well as any information accessible using credentials sent over the webserver. But what about other processes on the same box? If I was running bash locally from the console, far from ssl?

推荐答案

根据网站，Heartbleed仅影响openssl和相关软件(例如与libssl链接的软件).您包装盒中的任何其他程序都应避免出现此特定错误.

According to the site Heartbleed only affects openssl and related software (like something linked to libssl). Any other program in your box should be safe from this particular bug.

这篇关于内存保护是否可以保护服务器免受恶意攻击?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！