User: Password:
|
|
Subscribe / Log in / New account

GnuPG _is_ setuid

GnuPG _is_ setuid

Posted Mar 12, 2007 10:34 UTC (Mon) by ekj (guest, #1524)
In reply to: GnuPG _is_ setuid by evgeny
Parent article: GnuPG signed message spoofing vulnerability

True. There are good arguments in favour of just dropping whatever trickery requires setuid at the moment, in which case a library is unproblematic. I'm just saying, aslong as you *DO* want memory-locking, you're going to need an external app for atleast those parts. And if so, that external app may aswell do verification too, not only signing.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds