On 09 Apr 2014, at 1:48 PM, Reindl Harald <h.rei...@thelounge.net> wrote:
> after update openssl and re-new all certificates one question > remains: in case of httpd-prefork would a attacker only have > been able to compromise the private key and data of his > worker-process or as well access the memory of other workers? In the case of prefork this wouldn't be true, no - they would only be able to compromise the memory of that process only. They may be able to access username/passwords from previous requests if they were still visible. In the case of the worker and event mpms, the memory of other workers could be compromised, yes. Regards, Graham --
