Questions about GPGME / GnuPG library

Florian Weimer Florian.Weimer at RUS.Uni-Stuttgart.DE
Wed Dec 6 12:09:59 CET 2000


Taral <taral at taral.net> writes:

> If GPG were a library, your program (which may or may not be safe)
> would also have to be setuid-root to take advantage of secure
> memory.

If this is really an issue (many applications which would benifit from
an OpenPGP library only need OpenPGP packet parsing and signature
verification), it's better to fix the operating system to provide a
certain (limited) amount of secure memory to unprivileged processes --
or use encrypted swap.

-- 
Florian Weimer 	                  Florian.Weimer at RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898



More information about the Gnupg-devel mailing list