GnuPG + FreeBSD 5.3 = intermitent memory warning
David Shaw
dshaw at jabberwocky.com
Thu Dec 16 06:46:57 CET 2004
On Wed, Dec 15, 2004 at 12:26:32PM -0500, David Shaw wrote:
> On Wed, Dec 15, 2004 at 03:19:45PM +0100, Janusz A. Urbanowicz wrote:
> > On Tue, Dec 14, 2004 at 11:05:34PM -0500, David Shaw wrote:
> > > In terms of what to do about this in GnuPG, I'm not sure if there
> > > should be anything done. I think the the current GnuPG behavior is
> > > pretty good: try to get locked memory, and if it can't, warn the user.
> >
> > I can imagione a situation when the user wants for the program to do more
> > than spit out stderr warning. What about another ( :-(( ) --expert option
> > along the lines of --no-secmem-fail with a specific error code if mlock()
> > cannot be obtained?
>
> I thought about something like that, but I worried it would cause
> confusion if it was set on a non-setuid binary. I'll take another
> look.
Okay, I added a --require-secmem, which causes gpg to exit if it
cannot get a lock. The default is off (i.e. the current behavior).
David
More information about the Gnupg-devel
mailing list