[Fwd: perl EUID change causing failure]

David Shaw dshaw at jabberwocky.com
Tue Aug 1 04:37:08 CEST 2006


On Mon, Jul 31, 2006 at 05:21:44PM -0700, Marcel Chastain - Security Administration wrote:
> Yeah, I already have a workaround in place, I just wanted to report it 
> to the community/developers. This is a new bug, and I think they'd be 
> interested in why it's happening... Perhaps the gnupg-devel mailing list 
> would be better..?

This is not a bug, and it certainly isn't new behavior.  GnuPG will
not run if the euid does not match the uid.  On a number of platforms,
GnuPG is installed setuid root so it can grab locked/unswappable
memory.  Once it has allocated a block of memory, it drops root privs.
To prevent any chance of an attacker fooling the system into letting
it keep root privs, it will halt if euid!=uid.

David
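The sequence described in this message (lock memory while privileged, drop root, stop if euid and uid still differ), as an added C example that is not GnuPG's own code. The function names `alloc_locked` and `drop_privileges` are hypothetical, and the re-check that root cannot be regained is an assumption about how such a drop is usually verified.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <unistd.h>

/* Step 1 (needs privilege on some platforms): get a buffer and try to pin it
 * in RAM so it cannot be swapped out. *locked reports whether mlock() worked. */
static void *alloc_locked(size_t len, int *locked)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t size = (len + page - 1) / page * page;   /* round up to whole pages */
    void *buf = aligned_alloc(page, size);
    if (buf == NULL)
        return NULL;
    memset(buf, 0, size);
    *locked = (mlock(buf, size) == 0);
    return buf;
}

/* Step 2: give up the setuid identity for good and prove it.
 * Returns 0 only if euid == uid afterwards and root cannot be regained. */
static int drop_privileges(void)
{
    uid_t ruid = getuid();

    if (setuid(ruid) != 0)              /* as root this also resets the saved uid */
        return -1;
    if (getuid() != geteuid())          /* the euid != uid condition: refuse to go on */
        return -1;
    if (ruid != 0 && setuid(0) == 0)    /* root came back: the drop did not stick */
        return -1;
    return 0;
}

int main(void)
{
    int locked = 0;
    void *secret = alloc_locked(4096, &locked);

    if (secret == NULL || drop_privileges() != 0) {
        fprintf(stderr, "fatal: could not set up secure memory and drop privileges\n");
        return EXIT_FAILURE;
    }
    printf("uid=%ld euid=%ld memory locked: %s\n",
           (long)getuid(), (long)geteuid(), locked ? "yes" : "no");
    return EXIT_SUCCESS;
}
```

Run unprivileged, `mlock()` may fail against `RLIMIT_MEMLOCK`; the example reports that rather than treating it as fatal, while a failed privilege drop always stops the program.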


