removing the secmem warning

Ronald Beck
Tue Jan 8 15:17:01 2002

Regardless of whether gpg could tell me all about my system security
holes or not, if any application is going to provide me with a warning
that something isn't right, a link to more information would be greatly
appreciated.  It drives me crazy the number of applications out now that
provide error codes indicating some sort of failure with no reference to
where the codes can be found to describe what the problem is.  A
reference to where more information about the error or warning would be
a definite plus.  That way you could make an informed decision whether
to correct the problem or ignore it.


Frank Tobin wrote:
> Stefan Bellon, at 23:02 +0100 on 2002-01-07, wrote:
> > In a security software, I want to know about all security concerns that
> > may occur! If I decide to ignore them, then I may do so, but at first I
> > want that the program doesn't hide any potential problems away from me.
> There are a heck of a lot more security concerns that GnuPG could tell you
> about than just the secmem warning, such as anyone else logged onto the
> system, any network connection, the location of the gpg binary that you're
> running, if your OS has any security holes, etc, etc.  All of these issues
> can affect your GnuPG session's security directly or indirectly.
> However, their existence doesn't mean that GnuPG should be warning you
> about them.
> You're using an inffective blanket argument.
> --
> Frank Tobin