Warning: using insecure memory!

Michael Roth mroth@nessie.de
Sun, 8 Aug 1999 00:05:29 +0200 (CEST)


On Sat, 7 Aug 1999, Matthew Cordes wrote:


> Please forgive my last message to this group (if it made it that far). I am
> having difficulty using gpg with mutt. Whenever I use gpg (ver 0.9.10)
> it complains that I am using insecure memory. What is insecure memory?
> and how to fix/repair it? I have used pgp in the past and it never
> complained of such a thing.

Quote from "man gpg":

    On many systems this program should be installed as setuid(root).
    This is necessary to lock memory pages. Locking memory pages prevents
    the operating system from writing memory pages to disk. If you get no
    warning message about insecure memory your operating system supports
    locking without being root. The program drops root privileges as soon
    as locked memory is allocated.

The reason why writing memory pages to disk is dangerous is that it
sometimes enables an attacker later to retrieve your secret key,
passphrase, clear text message and so on if he breaks into your system or
if he steals your computer.

The solution is to tell the operating system that it should under no
circumstance write a memory page (used by gpg) to a disk. However, on most
operating systems you can only prevent the OS from doing that if you are
root.

Because not all users should be root, you can make the gpg binary setuid
root. Gpg will then allocate a memory pool large enough for its purpose
(some kilobytes), tell the operating system to prevent paging for these
memory pages and then drop root privileges to ensure safe operation.

To make the binary setuid root, execute the following two steps on your
Linux machine as user root:

    # chown root /path/to/gpg
    # chmod u+s /path/to/gpg

cu
Michael
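
Added example, not part of the original message and not GnuPG's own code: a C sketch of the sequence described above (allocate a small pool, lock it with mlock(), then drop setuid-root privileges), falling back to unlocked memory with a warning when locking is refused. The names secure_pool, secure_pool_init and secure_pool_destroy are hypothetical.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical pool type for this example; not a GnuPG structure. */
struct secure_pool {
    void  *base;    /* start of the mapping, NULL if allocation failed */
    size_t size;    /* requested size rounded up to whole pages */
    int    locked;  /* 1 if mlock() succeeded, 0 if pages may reach swap */
};

/* Map a pool, try to lock it in RAM, then give up setuid-root privileges. */
int secure_pool_init(struct secure_pool *p, size_t want)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    int rc = 0;

    p->size = (want + page - 1) / page * page;
    p->locked = 0;
    p->base = mmap(NULL, p->size, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p->base == MAP_FAILED) {
        p->base = NULL;
        rc = -1;
    } else if (mlock(p->base, p->size) == 0) {
        p->locked = 1;
    } else {
        /* Not root and no permission to lock: keep going, but say so. */
        perror("Warning: using insecure memory (mlock)");
    }
    /* Drop root on every path; a failed drop is treated as fatal. */
    if (geteuid() != getuid() && setuid(getuid()) != 0)
        rc = -1;
    return rc;
}

/* Wipe secrets before unmapping; volatile stores are not optimized away. */
void secure_pool_destroy(struct secure_pool *p)
{
    volatile unsigned char *b = p->base;

    if (b == NULL)
        return;
    for (size_t i = 0; i < p->size; i++)
        b[i] = 0;
    munlock(p->base, p->size);
    munmap(p->base, p->size);
    p->base = NULL;
    p->locked = 0;
}
```

When run without privileges, the locked field shows whether the operating system allowed locking for a non-root user, which is the case where the man page says no warning appears.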