Insecure memory
David Shaw
dshaw at jabberwocky.com
Mon Mar 22 01:37:03 CET 2004
On Fri, Mar 19, 2004 at 09:23:11AM -1000, Maxine Brandt wrote:
> Greetings,
>
> I've read that if I SUID the gpg binary nothing will be written to disk and
> I won't be using insecure memory, but are there any security problems with
> doing this?
A bug in GnuPG could be worse if the binary was setuid. However,
GnuPG intentionally drops setuid very early in the startup phase to
avoid this.
David
More information about the Gnupg-users
mailing list