Alexander W. Janssen
yalla at fsfe.org
Wed Jun 11 21:37:15 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
michael graffam schrieb:
> Not a real solution, because if LD_PRELOAD is already set, then the
> shell you type unset into might be overloaded as we'll, already.
OK, that was new to me. I checked it with some simple tests  and
you're absolutely right. Unsetting doesn't help.
> Manually walking the environment pointer reveals it, of course.
Still not sure, what you're meaning?
But still: The LD_PRELOAD-thing is so fundamental - if you are not in
control of your running shell, you have a problem anyway. I don't think
it's up to gnupg to solve that problem.
It can't even - except static linking with puts you straight into
 - some simple LD_PRELOAD tests: https://pastebin.ynfonatic.de/152
> On 6/11/08, Alexander W. Janssen <yalla at fsfe.org> wrote:
> michael graffam schrieb:
> Run "unset LD_PRELOAD" before running gnupg if you don't trust the system?
> It's an inherent feature of the loader. Compiling everthing statically
> only works around this inherent feature/problem, however you call it.
> And it wouldn't prevent any other keyloggers or flaws in drivers.
> Just my 2c though.
Gnupg-users mailing list
Gnupg-users at gnupg.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Gnupg-users