There is no need to worry about memory pages not being swapped to disk when verifying a signed message against a _public_ key...
GnuPG _is_ setuid
Posted Mar 11, 2007 17:51 UTC (Sun) by ekj (guest, #1524)
True, true, one *could* do the former with a C-library, and the latter by piping to a setuid-executable, but most developers would probably consider the two functions related and prefer they both be accessed by the same mechanism.
Posted Mar 11, 2007 21:40 UTC (Sun) by evgeny (guest, #774)
In general, though, the locked-to-RAM pages are more or less a fiction. With the VM stuff entering our life, what an OS believes is RAM might actually be a swap in the host. Ditto for software/hardware suspend etc. All in all, I prefer a clean API over a mess with potential marginal extra security through the locked pages (and much less marginal chances of getting screwed because of potential bugs in gpg being run setuid). Not to mention that e.g. ssh doesn't use mlock so ... why would one worry about gpg specifically?
Posted Mar 12, 2007 10:34 UTC (Mon) by ekj (guest, #1524)
Posted Mar 16, 2007 12:28 UTC (Fri) by robbe (guest, #16131)
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.