Smalltalk Gemtalk Gemstone/S

Small information leak in the GS/64 3.1.x distribution

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Georg Gollmann
Reply | Threaded
Open this post in threaded view
|

Small information leak in the GS/64 3.1.x distribution

Georg Gollmann
Hello,

I just noticed that the openssl binary included in 3.1.x leaks some information about its build environment:

> ./GemStone64Bit3.1.0-x86_64.Linux/bin/openssl
> WARNING: can't open config file: /export/jupiter3/users/buildgss/gs64/30/build28635/fast50/openssl/install50/ssl/openssl.cnf

> ./GemStone64Bit3.1.0.1-x86_64.Linux/bin/openssl
> WARNING: can't open config file: /export/jupiter3/users/buildgss/gs64/3101/build28937/fast50/openssl/install50/ssl/openssl.cnf


While I donĀ“t see a real security problem it would be cleaner if the warning could be eliminated in future releases.

Kind regards
Georg
_______________________________________________
GemStone-Smalltalk mailing list
Archive: http://forum.world.st/Gemstone-Customers-f1461796.html
Free forum by Nabble Edit this page