Tue, 22 Aug 2000 14:17:54 -0400
On Tue, Aug 22, 2000 at 01:43:53PM +0000, Subba Rao wrote:
-snip 'gpg -?' does not show --no-secmem-warning-
> > You do not really have the 1.0.2 manpage, then.
> > --no-secmem-warning
> > Suppress the warning about "using insecure mem-
> > ory".
> I am talking about the command line options for the "gpg" command. The
> man page may be uniform across different versions.
> Here is the output of "gpg -?" (I have cropped out the initial few lines)
> I do not see a --no-secmem-warning option.
Under a RHL gpg 1.0.1 install I see the same thing as you, Subba.
Note, the docs are works in progress as the gnupg.org sites clearly and
repeatedly mentions. Follow either option and clear the insecure memory
I just took advantage of Peter's advice (thanks, Peter!) and cured that
symptom on my system, which I'd been procrastinating on. One question
though, from the man page:
On many systems this program should be installed as
setuid(root). This is necessary to lock memory pages.
Locking memory pages prevents the operating system from
writing memory pages to disk. If you get no warning mes
sage about insecure memory your operating system supports
locking without being root. The program drops root privi
leges as soon as locked memory is allocated.
Does the last sentence mean, 'setting SUID root' security concerns are
ameliorated as "... locked memory is allocated"?
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to email@example.com