Would a multi-process server engine help protect against this? Think what Chrome... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

AshleysBrain on April 11, 2014 | parent | context | favorite | on: The Heartbleed Challenge

Would a multi-process server engine help protect against this? Think what Chrome does with tabs. If the network request is received by a dedicated IO process which then uses IPC to communicate with other parts of the server, then perhaps sensitive information like keys would not be in the same address space so could not be leaked? I guess if the bug was in a sensitive process then it would still happen. Disclaimer: I have no idea how modern servers are architected, perhaps they already do this :) Would be interested to hear from anyone more knowledgeable.

X-Istence on April 11, 2014 [–]

The keys would be in the same process as the one doing the SSL in the first place, and that is the part that is vulnerable.

Even communicating over IPC you would still be vulnerable.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact