[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gpg: "Warning: using shared memory" - SUID?

>>>>> Harry Henry Gebel writes:

    hhg> The mode is NOT seen as security enough. The private key is
    hhg> encrypted using a symmetrical cipher whose key is derived
    hhg> from a hash of the passphrase. (the exact cipher and hash can
    hhg> be specified in an S2K block in the secret keyring) In other
    hhg> words, if you selected a very good passphrase (this is a BIG
    hhg> if for most people) if is just as well encrypted as any gpg
    hhg> encrypted message message. The reason people must not be
    hhg> allowed to read it is that it gives attackers a single key to
    hhg> discover that can then be used to recover ALL of the
    hhg> (symmetrical) keys used to encrypt messages with that key,
    hhg> (and because most people choose poor passwords discovering
    hhg> that one key would not be hard for most people's keyrings. I
    hhg> am not sure what doing 'less' on the keyring is supposed to
    hhg> indicate?

Oh.  I guess I should start thinking about what I write before I
write it.  In my defense, I didn't find anything to contradict what I
wrote in the gpg man page, but I suppose that I didn't read enough.
Consider me humbled.

Thanks for the correction,

Every child in America MUST get one of these things for Christmas or
Chanukah or Kwanzaa or Atheist Children Get Presents Day.
	-- Dave Barry

Reply to: