Re: Invalid self-signature (was: Re: FreeBSD Ports Security Advisory FreeBSD-SA-01:67.htdig)
From: Chris BeHanna (behanna@zbzoom.net)
Date: 12/27/01
- Next message: John F Cuzzola: "ipfw by MAC"
- Previous message: Chris BeHanna: "Re: kdm grants ordinary users root access on 4.4-R"
- In reply to: The Anarcat: "Invalid self-signature (was: Re: FreeBSD Ports Security Advisory FreeBSD-SA-01:67.htdig)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Dec 2001 17:48:44 -0500 (EST) From: Chris BeHanna <behanna@zbzoom.net> To: <security@freebsd.org>
On Mon, 17 Dec 2001, The Anarcat wrote:
> Is it me or is there something wrong with the signer keys on the
> keyservers?
>
> Mutt tells me this:
>
> [-- PGP output follows (current time: Mon Dec 17 18:01:10 2001) --]
> gpg: Warning: using insecure memory!
^^^^^^^^^^^^^^^^^^^^^
This is itself a problem. gpg needs to be setuid root in order to
lock pages in memory, so that your passphrase never makes it into the
swap file.
-- Chris BeHanna Software Engineer (Remove "bogus" before responding.) behanna@bogus.zbzoom.net I was raised by a pack of wild corn dogs. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
- Next message: John F Cuzzola: "ipfw by MAC"
- Previous message: Chris BeHanna: "Re: kdm grants ordinary users root access on 4.4-R"
- In reply to: The Anarcat: "Invalid self-signature (was: Re: FreeBSD Ports Security Advisory FreeBSD-SA-01:67.htdig)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
