[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gpg: "Warning: using shared memory" - SUID?

on Thu, Nov 30, 2000 at 07:09:02PM -0500, Chris Gray (cgray@nowonder.com) wrote:
> >>>>> "kmself" == kmself  <kmself@ix.netcom.com> writes:
>     >>  The other root programs shouldn't be looking at memory other
>     >> than their own, or else they'd segfault.  The major thing with
>     >> memory-locking is that the memory never gets written to disk.
>     kmself> What about /proc/kcore or /dev/mem?
> You're probably right about this (IANA security expert), but these
> should only be readable by root.  Also, if you have a malicious root,
> your private key isn't going to be all that safe anyway.

Well, on disk, your private key is secured by your passphrase (right?).
Granted, various sniffers could pick this up, but only when active, not
at all times.  So memory access is probably an easier avenue to the same

Yes, ultimately, you do have to trust your system.

Karsten M. Self <kmself@ix.netcom.com>     http://www.netcom.com/~kmself
 Evangelist, Zelerate, Inc.                      http://www.zelerate.org
  What part of "Gestalt" don't you understand?      There is no K5 cabal
   http://gestalt-system.sourceforge.net/        http://www.kuro5hin.org

Attachment: pgpbKmdOaQzN0.pgp
Description: PGP signature

Reply to: