GnuPG Daemon?

Werner Koch wk@gnupg.org
Fri May 25 20:07:02 2001


On Fri, 25 May 2001, clemensF wrote:


> in what way? recovering the passphrase should be hard for root as well.
There 42 and more ways for root to do _everything_. What about attaching strace to a running gpg or replacing the gpg binary with a version whichs logs passphrases or just tracing all syscalls or pty dataflows.
> > * Could they make it dump core and rip the passphrase from that? If it
> > dumped core, the passphrase would be readily available. In a perfect
Programs which handle sensitive information should disable core dumps - this is pretty easo on most systems.
> a passphrase could be encrypted time-limited, the program could recrypt it
> from time to time, so it would not stay unencrypted in memory too long.
And where do you keep the key for this encryption ?! ciao, Werner -- Werner Koch Omnis enim res, quae dando non deficit, dum habetur g10 Code GmbH et non datur, nondum habetur, quomodo habenda est. Privacy Solutions -- Augustinus