Re: gpg: "Warning: using shared memory" - SUID?

[Chris Gray <cgray@nowonder.com>]

>>>>> Harry Henry Gebel writes:

    hhg> The mode is NOT seen as security enough. The private key is
    hhg> encrypted using a symmetrical cipher whose key is derived
    hhg> from a hash of the passphrase. (the exact cipher and hash can
    hhg> be specified in an S2K block in the secret keyring) In other
    hhg> words, if you selected a very good passphrase (this is a BIG
    hhg> if for most people) if is just as well encrypted as any gpg
    hhg> encrypted message message. The reason people must not be
    hhg> allowed to read it is that it gives attackers a single key to
    hhg> discover that can then be used to recover ALL of the
    hhg> (symmetrical) keys used to encrypt messages with that key,
    hhg> (and because most people choose poor passwords discovering
    hhg> that one key would not be hard for most people's keyrings. I
    hhg> am not sure what doing 'less' on the keyring is supposed to
    hhg> indicate?

Oh.  I guess I should start thinking about what I write before I
write it.  In my defense, I didn't find anything to contradict what I
wrote in the gpg man page, but I suppose that I didn't read enough.
Consider me humbled.

Thanks for the correction,
Chris

-- 
Every child in America MUST get one of these things for Christmas or
Chanukah or Kwanzaa or Atheist Children Get Presents Day.
	-- Dave Barry