Questions about GPGME / GnuPG library
Olaf Trygve Berglihn
olafb at pvv.org
Thu Dec 7 13:50:35 CET 2000
Nils at InfoSun.FMI.Uni-Passau.De (Nils Ellmenreich) writes:
> >>>"OTB" == Olaf Trygve Berglihn <olafb at pvv.org> writes:
> OTB> Root is root is root is root, i.e. if you can exploit to become root,
> OTB> then you could swap the gnupg-binary, the shell-binary or
> OTB> whatever.
> Not quite, gpg drops root priviledges as soon as protected memory has
> been reserved. <...>
I think you're missing my point. It is not whether a setuid gnupg
drops priviledges or not. Beeing root, I could easily scan your gpg
process, read your keyboard input, or more interesting: just replace
the gnupg binary with a trojan. It would't help you a tiny bit that
you're not using a gpg (statically or dynamically linked) that was not
implemented in a more api-friendly fashion or not. So much for
"protecting the environment".
> Having said that, the best way would be to have OS support for
> secure memory in non-root applications ...
Olaf Trygve Berglihn <olafb at pvv.org>
More information about the Gnupg-devel