using insecure memory
sen_ml@eccosys.com
sen_ml@eccosys.com
Sat, 26 Aug 2000 10:23:01 +0900
From: Michael Still <mikal@stillhq.com>
Subject: Re: using insecure memory
Date: Sat, 26 Aug 2000 10:10:16 +1000
Message-ID: <39A70AE8.46F78632@stillhq.com>
> I presume this would make it suid root, because when I run gpg as
> root I never see this insecure memory message. Is the message just
> because root can look at other user's memory spaces? Or is there
> another reason as well?
afaik, if setuid root, gpg uses the system call mlock() (which
requires root privileges) to protect certain portions of the process'
memory from being swapped to disk. i don't know if there are any
other things gpg makes use of if setuid root.
there's some documentation related to this in section 2.4 of:
http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto-2.html
(this minihowto is listed in the documents section of the gnupg website)
--
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of "unsubscribe" to gnupg-users-request@gnupg.org