Insecure memory (and SUID)? - PGP

This is a discussion on Insecure memory (and SUID)? - PGP ; I keep getting the insecure memory warning: % gpg --list-keys gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information but I've set it SUID -rwsr-xr-x 1 root root 2543216 2004-02-26 01:34 /usr/local/bin/gpg* % gpg --version gpg (GnuPG) ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Insecure memory (and SUID)?

  1. Insecure memory (and SUID)?

    I keep getting the insecure memory warning:

    % gpg --list-keys
    gpg: WARNING: using insecure memory!
    gpg: please see http://www.gnupg.org/faq.html for more information

    but I've set it SUID
    -rwsr-xr-x 1 root root 2543216 2004-02-26 01:34 /usr/local/bin/gpg*

    % gpg --version
    gpg (GnuPG) 1.2.2-rc1-SuSE
    Copyright (C) 2002 Free Software Foundation, Inc.
    This program comes with ABSOLUTELY NO WARRANTY.
    This is free software, and you are welcome to redistribute it
    under certain conditions. See the file COPYING for details.

    Home: ~/.gnupg
    Supported algorithms:
    Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA, ELG
    Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
    Hash: MD5, SHA1, RIPEMD160
    Compress: Uncompressed, ZIP, ZLIB

    % uname -a
    Linux host 2.4.20 #3 Tue Jun 10 02:16:55 EST 2003 i686 unknown unknown GNU/Linux

    Anyone know what's going on?

    -jason

  2. Re: Insecure memory (and SUID)?

    usenet.9.jvarsoke@spamgourmet.com (JVarsoke) writes:

    > I keep getting the insecure memory warning:
    >
    > % gpg --list-keys
    > gpg: WARNING: using insecure memory!
    > gpg: please see http://www.gnupg.org/faq.html for more information
    >
    > but I've set it SUID
    > -rwsr-xr-x 1 root root 2543216 2004-02-26 01:34 /usr/local/bin/gpg*


    How'd that thing get so big?

    billyoc@dps11:~$ ls -l /usr/bin/gpg
    -rwsr-xr-x 1 root root 644716 Jan 20 12:37 /usr/bin/gpg

    Are you sure you don't have another binary in the $PATH? I've only
    ever seen this message running my local cvs copy.

  3. Re: Insecure memory (and SUID)?

    Billy O'Connor wrote in message news:<87wu682jrp.fsf@dps11.gnuyork.org>...
    > usenet.9.jvarsoke@spamgourmet.com (JVarsoke) writes:
    >
    > > I keep getting the insecure memory warning:


    > How'd that thing get so big?


    no idea, that's what I compiled.

    >
    > billyoc@dps11:~$ ls -l /usr/bin/gpg
    > -rwsr-xr-x 1 root root 644716 Jan 20 12:37 /usr/bin/gpg
    >
    > Are you sure you don't have another binary in the $PATH? I've only
    > ever seen this message running my local cvs copy.


    ah! yes, you are right. Weird, didn't know my distro installed a copy
    of this in /usr/bin/gpg (which of course is not SUID root). Thanks.

    -jason

  4. Re: Insecure memory (and SUID)?

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    usenet.9.jvarsoke@spamgourmet.com (JVarsoke) writes:

    >Billy O'Connor wrote in message news:<87wu682jrp.fsf@dps11.gnuyork.org>...
    >> usenet.9.jvarsoke@spamgourmet.com (JVarsoke) writes:
    >>
    >> > I keep getting the insecure memory warning:


    >> How'd that thing get so big?


    >no idea, that's what I compiled.


    Maybe try "strip gpg" to remove debugging symbols (unless you want
    them to be there).

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (SunOS)

    iD8DBQFAQMzyvmGe70vHPUMRAn0WAJkBK1KFNaJwFwn8PIhcee PH4E2aegCg0qm5
    RiT7i9Yaubsdy4dhSQxNzgI=
    =GPSL
    -----END PGP SIGNATURE-----


+ Reply to Thread