Re: gpg: "Warning: using shared memory" - SUID?



>>>>> "kmself" == kmself  <kmself@ix.netcom.com> writes:

    >>  You're probably right about this (IANA security expert), but
    >> these should only be readable by root.  Also, if you have a
    >> malicious root, your private key isn't going to be all that
    >> safe anyway.

    kmself> Well, on disk, your private key is secured by your
    kmself> passphrase (right?).  

I just did a 'less' on my secring.gpg, so...  (remember the thread on
the difficulty of password protecting a directory recently) 

I don't think that the private key is encrypted in any way.  The fact
that it has mode 0600 is seen as security enough.

Finally, writing a program to read /proc/kcore to try to find secret
keys sounds ridiculously hard to me.  Maybe if you trojaned gpg it
would work, but even then you could just have gpg send you the secret
key so there's no point.

    kmself> Yes, ultimately, you do have to trust your system.

Right.

Cheers,
Chris


-- 
Every child in America MUST get one of these things for Christmas or
Chanukah or Kwanzaa or Atheist Children Get Presents Day.
	-- Dave Barry