Re: gpg: "Warning: using shared memory" - SUID?
- To: Debian User <debian-user@lists.debian.org>
- Subject: Re: gpg: "Warning: using shared memory" - SUID?
- From: Chris Gray <cgray@nowonder.com>
- Date: Fri, 01 Dec 2000 10:23:35 -0500
- Message-id: <[🔎] 87pujccgi0.fsf@nowonder.com>
- In-reply-to: Harry Henry Gebel's message of "Thu, 30 Nov 2000 22:57:53 -0500"
- References: <20001130035023.F7159@ix.netcom.com> <20001130192549.A2405@linuxpower.org> <20001130120558.A24401@ix.netcom.com> <20001130212859.B3737@linuxpower.org> <20001130123233.E24401@ix.netcom.com> <87ofyxqh0t.fsf@nowonder.com> <20001130141555.C29947@ix.netcom.com> <873dg9q9y9.fsf@nowonder.com> <20001130174728.A308@ix.netcom.com> <87hf4ohm6x.fsf@nowonder.com> <20001130225753.E31152@magpage.com>
>>>>> Harry Henry Gebel writes:
hhg> The mode is NOT seen as security enough. The private key is
hhg> encrypted using a symmetrical cipher whose key is derived
hhg> from a hash of the passphrase. (the exact cipher and hash can
hhg> be specified in an S2K block in the secret keyring) In other
hhg> words, if you selected a very good passphrase (this is a BIG
hhg> if for most people) if is just as well encrypted as any gpg
hhg> encrypted message message. The reason people must not be
hhg> allowed to read it is that it gives attackers a single key to
hhg> discover that can then be used to recover ALL of the
hhg> (symmetrical) keys used to encrypt messages with that key,
hhg> (and because most people choose poor passwords discovering
hhg> that one key would not be hard for most people's keyrings. I
hhg> am not sure what doing 'less' on the keyring is supposed to
hhg> indicate?
Oh. I guess I should start thinking about what I write before I
write it. In my defense, I didn't find anything to contradict what I
wrote in the gpg man page, but I suppose that I didn't read enough.
Consider me humbled.
Thanks for the correction,
Chris
--
Every child in America MUST get one of these things for Christmas or
Chanukah or Kwanzaa or Atheist Children Get Presents Day.
-- Dave Barry
Reply to: