[lug] gpg question
stimits at idcomm.com
Mon May 21 12:22:29 MDT 2001
charles at lunarmedia.net wrote:
> i am seeing "gpg: Warning: using insecure memory!" come up every time i
> issue any gpg command. i am running RH6.2 with 2.2.19
> its seems like i didnt/dont see this on machines running the 2.4 kernel. i
> am using gnupg-1.0.5-0.6.x
> is this something that this version of gpg puts out, or has it always been
> there and i just missed it?
> thanks -cjm
I see the message too. Someone here probably has a more specific answer,
but I believe it refers to the possibility that someone snooping kernel
ram could read the message unencrypted while it is being created. If you
are willing to assume nobody has the ability to snoop ram, it is
unlikely a problem. Someone correct me if I am wrong.
FYI, it spawns the idea that a ram disk could be used, and that the ram
disk could be covered by loopback encryption the way a hard drive could.
Not sure if that would solve anything, since you would have to have a
way of doing this with the ram the kernel uses for the actual
computation, which is different from a normal ram disk or hard drive.
(anyone know if loopback encryption could be used to cover mmap'd kernel
space ram, which would then be used to mmap to the user space program?)
D. Stimits, stimits at idcomm.com
More information about the LUG