Subba Rao <firstname.lastname@example.org>
Tue, 22 Aug 2000 18:36:00 +0000
On 0, John Bacalle <email@example.com> wrote:
> On Tue, Aug 22, 2000 at 01:43:53PM +0000, Subba Rao wrote:
> -snip 'gpg -?' does not show --no-secmem-warning-
> > > You do not really have the 1.0.2 manpage, then.
> > > --no-secmem-warning
> > > Suppress the warning about "using insecure mem-
> > > ory".
> > I am talking about the command line options for the "gpg" command. The
> > man page may be uniform across different versions.
> > Here is the output of "gpg -?" (I have cropped out the initial few lines)
> > -------------------------------------
> > I do not see a --no-secmem-warning option.
> Under a RHL gpg 1.0.1 install I see the same thing as you, Subba.
> Note, the docs are works in progress as the gnupg.org sites clearly and
> repeatedly mentions. Follow either option and clear the insecure memory
> I just took advantage of Peter's advice (thanks, Peter!) and cured that
> symptom on my system, which I'd been procrastinating on. One question
> though, from the man page:
> On many systems this program should be installed as
> setuid(root). This is necessary to lock memory pages.
> Locking memory pages prevents the operating system from
> writing memory pages to disk. If you get no warning mes
> sage about insecure memory your operating system supports
> locking without being root. The program drops root privi
> leges as soon as locked memory is allocated.
> Does the last sentence mean, 'setting SUID root' security concerns are
> ameliorated as "... locked memory is allocated"?
Thank you very much for this solution! The setuid flag has fixed the "insecure
=> Time is relative. Here is a new way to look at time. <=
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to firstname.lastname@example.org