LibGCrypt Examples

Wed, 17 Apr 2002 22:30:14 +0100

On Wed, Apr 17, 2002 at 11:17:00PM +0200, Rüdiger Sonderfeld wrote:
> Am Mittwoch, 17. April 2002 23:07 schrieb Rüdiger Sonderfeld:
> > Warning: using insecure memory!
> I also recive this warning while using the testapi example :(
> My system
> 
> Debian GNU/Linux Woody
> GCC 3.01
> 256MB RAM

the latter two things are unimportant. What is is the availability of the
mlock(2) call to non-root. On my BSD system, the man page for mlock(2) says:
|     These calls are only available to the super-user.

Thus gpg (and probably the binary linked against gcrypt (I'm not sure whether
gcrypt is a wrapper to invoke gpg or not)) should be setuid to root. The
amount of code in gpg before it drops privilege is very small and easily
auditable.

MBM

-- 
Matthew Byng-Maddick         <mbm@colondot.net>           http://colondot.net/