insecure memory warning

Tony Nelson tnelson@techie.com
Fri, 14 Jan 2000 13:02:05 -0500


--IpbVkmxF4tDyP/Kb
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

There are two ways to disable this message:

If you have root access to the gpg executable then you can change gpg to be
suid:

chmod 4755 gpg

there is also an option --no-secmem-warning that is documented in the manual

Basically, what this warning is telling you is that gpg is unable to lock=
=20
memory for the exclusive use of gpg (ie, no other programs/processes/etc)
can inspect the state of the program and it's internal data.  if the box th=
at
you are using is private (like your own linux box) then this warning has le=
ss
meaning than if you are running gpg on your ISP's box w/ 300 different user=
s.

=46rom a security standpoint, any possible way that your data can be potent=
ially
exploited should be reported, and gpg is doing a good job of telling you
about it.

Hope this helps.

Tony

On Fri, Jan 14, 2000 at 12:30:04PM -0500, hardpack wrote:

>=20
> i'm a new user of gpg, and i've installed it to encrypt data files,
> not for delivery, but for secure storage.
>=20
> i'm running red hat linux 5.1 and have installed gpg from the source
> (not from any rpm).
>=20
> since i'm encrypting for secure storage (and not for mail), i've=20
> chosen to use the --symmetric option with gpg. when i run it on
> a file, i receive this message:
>=20
> gpg: Warning: using insecure memory!
>=20
> what does this mean? how bad is this?=20
>=20
> also, is --symmetric the correct option to use? and how strong is
> the encryption when there is no passing of keys? =20
>=20
> thank you.
>=20
--=20 Tony Nelson Standard Disclaimers A= pply=20 --IpbVkmxF4tDyP/Kb Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE4f2SdUf+aFxNsW4cRAV4lAKDcIZLhswKbUMYHSNSDM0RP0aSZfwCgyqg1 cI5KJuz6649GJXjzZ6CYV0w= =OKJo -----END PGP SIGNATURE----- --IpbVkmxF4tDyP/Kb--