Warning: using insecure memory!
Michael Roth
mroth@nessie.de
Sun, 8 Aug 1999 00:05:29 +0200 (CEST)
On Sat, 7 Aug 1999, Matthew Cordes wrote:
> Please forgive my last message to this group (if it made it that far). I am
> having difficulty using gpg with mutt. Whenever I use gpg (ver 0.9.10)
> it complains that I am using insecure memory. What is insecure memory?
> and how to fix/repair it? I have used pgp in the past and it never
> complained of such a thing.
Quote from "man gpg":
On many systems this program should be installed as
setuid(root). This is necessary to lock memory pages.
Locking memory pages prevents the operating system from
writing memory pages to disk. If you get no warning message
about insecure memory your operating system supports
locking without being root. The program drops root privileges
as soon as locked memory is allocated.
The reason why writing memory pages to disk is dangerous is because it
sometimes enables an attacker later to retrieve your secret key,
passphrase, clear text message and so on if he breaks into your system or
if he steals your computer.
The solution is to tell the operating system that it should under no
circumstance write a memory page (used by gpg) to a disk. However, on most
operating systems you can only prevent the OS from doing that if you are
root.
Because not all users should be root, you can make the gpg binary setuid
root. Gpg will then allocate a memory pool large enough for its purpose
(some kilobytes), tell the operating system to prevent paging for these
memory pages and then drop root privileges to ensure safe operation.
To make the binary setuid root execute the following two steps on your
Linux machine as user root:
# chown root /path/to/gpg
# chmod u+s /path/to/gpg
cu
Michael
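
The sequence described in the message above (allocate a small pool, lock its pages, drop root, warn if locking failed), as an added C example that is not part of the original mail and is not GnuPG's own code. The names `secmem_init`, `secmem_term` and the 16 KiB `POOL_SIZE` are assumptions chosen for illustration.

```c
#define _DEFAULT_SOURCE   /* for MAP_ANONYMOUS under strict -std modes */
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

#define POOL_SIZE 16384   /* assumed size: "some kilobytes" */
static void *pool;        /* hypothetical pool for keys and passphrases */
static int pool_locked;   /* 1 if mlock() succeeded */

/* Allocate the pool, try to lock it, then drop any setuid-root privilege.
 * Returns 1 if locked, 0 if not ("insecure memory"), -1 on hard error. */
int secmem_init(void)
{
    pool = mmap(NULL, POOL_SIZE, PROT_READ | PROT_WRITE,
                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (pool == MAP_FAILED) { pool = NULL; return -1; }

    /* mlock() keeps these pages out of swap; it fails with EPERM or ENOMEM
     * when the process lacks privilege or exceeds RLIMIT_MEMLOCK. */
    pool_locked = (mlock(pool, POOL_SIZE) == 0);

    /* Drop privileges right after the lock attempt, success or not. With
     * effective uid 0, setuid() also resets the saved set-user-ID. */
    if (setuid(getuid()) != 0) return -1;
    /* A non-root invoking user must not be able to get root back. */
    if (getuid() != 0 && setuid(0) == 0) return -1;

    if (!pool_locked)
        fprintf(stderr, "Warning: using insecure memory!\n");
    return pool_locked;
}

/* Wipe and release the pool so secrets do not linger in freed pages. */
void secmem_term(void)
{
    if (!pool) return;
    volatile unsigned char *p = pool;
    for (size_t i = 0; i < POOL_SIZE; i++) p[i] = 0;
    if (pool_locked) munlock(pool, POOL_SIZE);
    munmap(pool, POOL_SIZE);
    pool = NULL;
}

int main(void)
{
    int rc = secmem_init();
    printf("pool %s, euid=%d\n", rc == 1 ? "locked" : "NOT locked", (int)geteuid());
    secmem_term();
    return rc < 0;
}
```

Whether the lock succeeds without root depends on the system's locked-memory limit; `ulimit -l` shows the limit for the current shell.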