False insecure memory warnings...

[David Shaw]

--24zk1gE8NUlDmwG9
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Fri, Apr 04, 2003 at 10:57:19AM -0500, gabriel rosenkoetter wrote:
> On Thu, Apr 03, 2003 at 04:40:52PM -0500, David Shaw wrote:
> > I've seen this a few times before.  Check to make sure that there
> > isn't another copy of gpg somewhere, and the gpg that cron is running
> > is the same one that you're running from the shell.

[ that is not the problem ]

> So then. Is there *any* way that this is a problem with gpg, or is
> it time for me to go digging in just what the hell NetBSD's crond is
> doing with euids?

Very interesting.  There are a few other reasons that GnuPG might be
unable to get secure memory.  Being not setuid root (on those
platforms that need it) is only the most common.

Let's dig a bit more.  What happens if you run this program out of
cron in the same way (zsh -c 'time testprog').  Make testprog setuid
root.

#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>

int main(int argc,char *argv[])
{
  printf("UID: %d\n",(int)getuid());
  printf("EUID: %d\n",(int)geteuid());

  return 0;
}

The other obvious thing to try is to rebuild GnuPG to see if something
changed in the underlying libraries when you upgraded NetBSD (you may
have done this already).

David

--24zk1gE8NUlDmwG9
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2rc1 (GNU/Linux)
Comment: http://www.jabberwocky.com/david/keys.asc

iD8DBQE+jcYu4mZch0nhy8kRAs6VAKCgoqL+lNHjweU0teX04eDM43OaZACgnZkO
dcPPQBfRSfn6mk7nr1yxXa4=
=5Yni
-----END PGP SIGNATURE-----

--24zk1gE8NUlDmwG9--