Insecure memory

John Bacalle
Tue, 22 Aug 2000 14:17:54 -0400

On Tue, Aug 22, 2000 at 01:43:53PM +0000, Subba Rao wrote:
-snip 'gpg -?' does not show --no-secmem-warning-

> > You do not really have the 1.0.2 manpage, then.

> > --no-secmem-warning
> > Suppress the warning about "using insecure mem-
> > ory".

> I am talking about the command line options for the "gpg" command. The
> man page may be uniform across different versions.
> Here is the output of "gpg -?" (I have cropped out the initial few lines)
> -------------------------------------
> I do not see a --no-secmem-warning option.
Under a RHL gpg 1.0.1 install I see the same thing as you, Subba. Note, the docs are works in progress as the sites clearly and repeatedly mentions. Follow either option and clear the insecure memory issue. I just took advantage of Peter's advice (thanks, Peter!) and cured that symptom on my system, which I'd been procrastinating on. One question though, from the man page: BUGS On many systems this program should be installed as setuid(root). This is necessary to lock memory pages. Locking memory pages prevents the operating system from writing memory pages to disk. If you get no warning mes­ sage about insecure memory your operating system supports locking without being root. The program drops root privi­ leges as soon as locked memory is allocated. Does the last sentence mean, 'setting SUID root' security concerns are ameliorated as "... locked memory is allocated"? John -- John Bacalle -- Archive is at - Unsubscribe by sending mail with a subject of "unsubscribe" to