Bug 11806
Summary: | insecure memory, unsupported public key algorithms. | ||
---|---|---|---|
Product: | [Retired] Red Hat Raw Hide | Reporter: | Pekka Savola <pekkas> |
Component: | gnupg | Assignee: | Nalin Dahyabhai <nalin> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 1.0 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2000-05-31 19:47:42 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Pekka Savola
2000-05-31 19:47:41 UTC
The first problem has to do with the fact that when GPG is running, it can be swapped out to disk by the kernel, which isn''t be cleared automatically when it gets swapped in, so sensitive information might be there. To counter this, GPG would have to be executing as root to lock its pages in RAM (i.e., running GPG setuid-root, which it supports), which might lead to other problems. For now, we won''t be doing that. As for the keys, if they''re RSA keys, there''s nothing we can do about that while the RSA algorithms are patented in the U.S. |