Re: [PATCH] Fix releasing procedure

From: Bob Friesenhahn
Subject: Re: [PATCH] Fix releasing procedure
Date: Tue, 27 Jan 2004 09:35:58 -0600 (CST)

On Tue, 27 Jan 2004, Alexandre Duret-Lutz wrote:

> On Tue, Jan 27, 2004 at 10:59:58AM +0000, Scott James Remnant wrote:
> > On Tue, 2004-01-27 at 10:40, Alexandre Duret-Lutz wrote:
> >
> > > On Tue, Jan 27, 2004 at 10:17:52AM +0000, Scott James Remnant wrote:
> > > > *gulps* it stores my GPG passphrase in a shell variable?!
> > >
> > > Yep.  Just like mailcrypt stores it in an emacs variable, or gpg in a
> > > C variable.  What's the difference?
> > >
> > GPG takes great pains to use secure memory for the passphrase, so it
> > can't be read by any random joe logged into the box.
> But anyway the other tools (e.g. mailer) I use on top of gpg don't use
> secure memory either, so it makes no difference to me.
> Also, AFAICT secure memory just means that the memory will not be
> swapped to disk, it has nothing to do with random joe.

I must have missed the original message on this topic.  Maybe it will
arrive later since all the messages arrived in reverse order.

Regardless of whether memory is locked into position so it can't be
swapped and thereby readable from the paging area, the root user could
access it via the /proc filesystem or by using a debugging interface.
Unfortunately, most hacks these days are by random joes who become
root users.

Bob Friesenhahn
