On Wed, Apr 9, 2014 at 5:48 AM, Reindl Harald <[email protected]> wrote: > after update openssl and re-new all certificates one question > remains: in case of httpd-prefork would a attacker only have > been able to compromise the private key and data of his > worker-process or as well access the memory of other workers?
Doesn't seem very helpful in practice. The different processes are handling similar requests and an attacker would just run a number of handshakes to hit arbitrary processes.
