Insecure memory error -GnuPG on HPUX

Michael Roth
Thu, 23 Sep 1999 10:20:12 +0200 (CEST)

On Wed, 22 Sep 1999, Kim Harris wrote:

> gpg: Warning: using insecure memory!
This message tells you, that GnuPG can't lock memory pages to prevent paging for secret data. Quote from the GnuPG manpage: On many systems this program should be installed as setuid(root). This is necessary to lock memory pages. Locking memory pages prevents the operating system from writing memory pages to disk. If you get no warning mes­ sage about insecure memory your operating system supports locking without being root. The program drops root privi­ leges as soon as locked memory is allocated. Because your OS doesn't support locking without being setuid(root) you will see this message. Their are two was to get rid of this message: 1.) Install GnuPG setuid(root). This will make GnuPG more secure. 2.) Use the option --no-secmem-warning. You can use this option in your config file. Please note: The danger will remain that the OS could page secret data to the swap partition!
> I can't find any reference to it in the docs unless it is to
> do with memory guard. The configure was run with
> --enable-m-guard
> but that doesn't make any difference.
--enable-m-guard are only for developers. This ist to help finding memory leaks and errors. This configure option is not for end users. cu Michael