insecure memory warning
Tony Nelson
tnelson@techie.com
Fri, 14 Jan 2000 13:02:05 -0500
--IpbVkmxF4tDyP/Kb
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
There are two ways to disable this message:
If you have root access to the gpg executable then you can change gpg to be
suid:
chmod 4755 gpg
there is also an option --no-secmem-warning that is documented in the manual
Basically, what this warning is telling you is that gpg is unable to lock=
=20
memory for the exclusive use of gpg (ie, no other programs/processes/etc)
can inspect the state of the program and it's internal data. if the box th=
at
you are using is private (like your own linux box) then this warning has le=
ss
meaning than if you are running gpg on your ISP's box w/ 300 different user=
s.
=46rom a security standpoint, any possible way that your data can be potent=
ially
exploited should be reported, and gpg is doing a good job of telling you
about it.
Hope this helps.
Tony
On Fri, Jan 14, 2000 at 12:30:04PM -0500, hardpack wrote:
>=20
> i'm a new user of gpg, and i've installed it to encrypt data files,
> not for delivery, but for secure storage.
>=20
> i'm running red hat linux 5.1 and have installed gpg from the source
> (not from any rpm).
>=20
> since i'm encrypting for secure storage (and not for mail), i've=20
> chosen to use the --symmetric option with gpg. when i run it on
> a file, i receive this message:
>=20
> gpg: Warning: using insecure memory!
>=20
> what does this mean? how bad is this?=20
>=20
> also, is --symmetric the correct option to use? and how strong is
> the encryption when there is no passing of keys? =20
>=20
> thank you.
>=20
--=20
Tony Nelson Standard Disclaimers A=
pply=20
--IpbVkmxF4tDyP/Kb
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE4f2SdUf+aFxNsW4cRAV4lAKDcIZLhswKbUMYHSNSDM0RP0aSZfwCgyqg1
cI5KJuz6649GJXjzZ6CYV0w=
=OKJo
-----END PGP SIGNATURE-----
--IpbVkmxF4tDyP/Kb--