If what CloudFlare is saying is true (and I think it is), that the only possibil... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rubiquity on April 11, 2014 \| parent \| context \| favorite \| on: The Heartbleed Challenge If what CloudFlare is saying is true (and I think it is), that the only possibility of Nginx/Apache leaking the private key is on start up due to how low of a memory address the private key is given, is there anything in Nginx/Apache to fire a bunch of dummy requests at itself before accepting public connections? This should effectively bury the memory address that the private key is stored in. Would this be useful if it doesn't exist or would it only be useful in hindsight?

diminoten on April 11, 2014 [–]

Anyone know of a quick way to force nginx to restart?

rubiquity on April 11, 2014 | [–]

Haha, that's what I've been thinking about since this was posted as well :)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact