Mailing List Archive: GnuPG: users

using insecure memory

Index | Next | Previous | View Threaded

nytshade at mail

Oct 15, 1999, 2:47 PM

Post #1 of 6 (229 views)
Permalink

using insecure memory

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Folx,
How do I get my binary to stop "using insecure memory"? I looked
through the docs, and they mentioned the error, but didn't give any
directions on how to fix it :)

BTW, Thank you all for the help with the key server thing :)

C.J.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4B6EzHDWsypkOpk8RAoy4AJ48I4XtS6vLHsEOlQMUa56E4u8+dACcCbc/
UbdrVhLSdHZXMF2VNkHfNnY=
=08Kt
-----END PGP SIGNATURE-----

turtle at lynchburg

Oct 15, 1999, 3:05 PM

Post #2 of 6 (231 views)
Permalink

Re: using insecure memory [In reply to]

On Fri, Oct 15, 1999 at 07:00:47PM -0500, Derek Moeller wrote:
> As far as I know, the problem arose because a non-root user does not
> have permissions to manipulate memory in the way gnupg would need to
> in order to secure memory. Correct me if I'm wrong, but I don't
> believe there are any compile-time options available to outsmart
> system security.

Just make your binary setuid root. (as root: chmod u+s `which gpg`)
This will allow gpg to lock memory.

Chris
--
"#define QUESTION ((bb) || !(bb)) - Shakespeare."

moeller at dophnic

Oct 15, 1999, 3:14 PM

Post #3 of 6 (230 views)
Permalink

Re: using insecure memory [In reply to]

On Fri, Oct 15, 1999 at 02:47:08PM -0700, nytshade [at] mail wrote:
> Folx,
> How do I get my binary to stop "using insecure memory"? I looked
> through the docs, and they mentioned the error, but didn't give any
> directions on how to fix it :)

Put:
no-secmem-warning
in your ~/.gnupg/options file.

--
Derek Moeller
moeller [at] dophnic
http://dophnic.myip.org

nytshade at mail

Oct 15, 1999, 3:43 PM

Post #4 of 6 (231 views)
Permalink

Re: using insecure memory [In reply to]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

er.. That's not exactly what I was hoping for.. is there any way to
actualy make it STOP using insecure memory instead of just making the
errors go away? are there any compile options or such?

C.J.

On Fri, 15 Oct 1999, Derek Moeller wrote:

> On Fri, Oct 15, 1999 at 02:47:08PM -0700, nytshade [at] mail wrote:
> > Folx,
> > How do I get my binary to stop "using insecure memory"? I looked
> > through the docs, and they mentioned the error, but didn't give any
> > directions on how to fix it :)
>
> Put:
> no-secmem-warning
> in your ~/.gnupg/options file.
>
> --
> Derek Moeller
> moeller [at] dophnic
> http://dophnic.myip.org
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4B64IHDWsypkOpk8RAq/gAKCSBdr0JrmsHwTaKG4guMvYNS1nXACdEma1
EO9R2xsTpU1EQWdrlNOnVSI=
=JzAW
-----END PGP SIGNATURE-----

moeller at dophnic

Oct 15, 1999, 5:00 PM

Post #5 of 6 (231 views)
Permalink

Re: using insecure memory [In reply to]

On Fri, Oct 15, 1999 at 03:43:08PM -0700, nytshade [at] mail wrote:
> er.. That's not exactly what I was hoping for.. is there any way to
> actualy make it STOP using insecure memory instead of just making the
> errors go away? are there any compile options or such?
>

As far as I know, the problem arose because a non-root user does not
have permissions to manipulate memory in the way gnupg would need to
in order to secure memory. Correct me if I'm wrong, but I don't
believe there are any compile-time options available to outsmart
system security.

I don't believe you'd see that message under root, since it would have
sufficient permissions at that point.

> On Fri, 15 Oct 1999, Derek Moeller wrote:
>
> > On Fri, Oct 15, 1999 at 02:47:08PM -0700, nytshade [at] mail wrote:
> > > Folx,
> > > How do I get my binary to stop "using insecure memory"? I looked
> > > through the docs, and they mentioned the error, but didn't give any
> > > directions on how to fix it :)
> >
> > Put:
> > no-secmem-warning
> > in your ~/.gnupg/options file.

--
Derek Moeller
moeller [at] dophnic
http://dophnic.myip.org

tajacobs at nvbell

Oct 15, 1999, 10:11 PM

Post #6 of 6 (237 views)
Permalink

Re: using insecure memory [In reply to]

On Fri, 15 Oct 1999 nytshade [at] mail wrote:

> er.. That's not exactly what I was hoping for.. is there any way to
> actualy make it STOP using insecure memory instead of just making the
> errors go away? are there any compile options or such?

You have to install it as root. The readme explains that the program needs
to run SUID root to use secure memory.

--
Todd A. Jacobs
Network Systems Engineer

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads