search for: openssl_no_default_zlib

Hi, Some of you have heard of CRIME, probably. from https://bugzilla.redhat.com/show_bug.cgi?id=857051 > Adding the following line to the /etc/sysconfig/httpd file: > > export OPENSSL_NO_DEFAULT_ZLIB=1 But there are other services but http that use ssl and are vulnerable? What is the optimal place for setting this environment variable system wide? I tried to set it in /etc/profile.d/CRIME.sh /etc/bashrc without success. -- Kind Regards, Markus Falb