[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [RFC] Debian skin for AIX

On Sat, Mar 09, 2002 at 01:01:49PM -0600, Jor-el wrote:
> d.  The AIX port of GNUpg (needed for signing a package) is on rather
> shaky grounds. The build that I did of this program so that I could
> excercise dpkg functions, complains that I am 'using insecure memory' -
> whatever that means. The program appears to work, but given that I am not
> a security expert, I cant tell if it is working to spec.

It is working to spec.  GnuPG tries to lock all memory it uses into RAM
in order to avoid sensitive data being swapped to permanent media like

To do that, it a) has to know about a function to do that (mlockall() on
Linux) and b) has to have the correct privileges (root for mlockall()).
If these conditions aren't met it has to live with swappable memory and
warns you about that.  It would be worth fixing.

Andreas Bombe <bombe@informatik.tu-muenchen.de>    DSA key 0x04880A44

Reply to: