问题
I understand that the heartbleed-bug allows a remote attacker to read memory from your machine. Is this mitigated by memory protection?
For example, if I have a public-facing https webserver, any webserver traffic and data is obviously compromised, as well as any information accessible using credentials sent over the webserver. But what about other processes on the same box? If I was running bash locally from the console, far from ssl?
回答1:
According to the site Heartbleed only affects openssl and related software (like something linked to libssl). Any other program in your box should be safe from this particular bug.
来源:https://stackoverflow.com/questions/22973412/does-memory-protection-protect-servers-from-the-heartbleed-exploit