GPG | Upgrade

[Steven Murdoch]

At 16:47 17/04/01 +0200, Willi Dyck wrote:
>today I upgraded my debian box to 2.2r3. GPG was upgraded too.
>And now I get the following msg when signing my emails or doing anything
>else with gpg:
> 
>gpg: Warning: using insecure memory!
> 
>What does that mean? How can I fix it?

 From the FAQ (http://www.gnupg.org/faq.html):
-------
6.1) Why do I get "gpg: Warning: using insecure memory!" 
On many systems this program should be installed as setuid(root). This is necessary to lock memory pages. Locking memory pages prevents the operating system from writing them to disk and thereby keeping your secret keys really secret. If you get no warning message about insecure memory your operating system supports locking without being root. The program drops root privileges as soon as locked memory is allocated. 
On UnixWare 2.x and 7.x you should install GnuPG with the 'plock' privilege to get the same effect: 
        filepriv -f plock /path/to/gpg
If you can't or don't want to install GnuPG setuid(root), you can use the option "--no-secmem-warning" or put 
no-secmem-warning 
in your ~/.gnupg/options file (this disables the warning). 
On some systems (e.g., Windows) GnuPG does not lock memory pages and older GnuPG versions (<=1.0.4) issue the warning 
gpg: Please note that you don't have secure memory
This warning can't be switched off by the above option because it was thought to be a too serious issue. However, it confused users too much so the warning was eventually removed. 
-------

Hope this helps,
Steven.

-- 
email: sjmurdoch@bigfoot.com
web: http://www.bigfoot.com/~murdomania/
PGP/GnuPG Keys: http://www.bigfoot.com/~murdomania/keys.html
Geek Code: http://www.bigfoot.com/~murdomania/geek.htm
Diary: http://www.advogato.org/person/sjmurdoch/