Red Hat Bugzilla – Bug 11806
insecure memory, unsupported public key algorithms.
Last modified: 2008-05-01 11:37:55 EDT
gpg blurts out a message warning about using insecure memory:
gpg: Warning: using insecure memory!
(I''m assuming this always happens.. I upgraded with .src.rpm''s from RH51
Can this be fixed?
Also, when reading mails using rawhide pine that has gpg filters built in,
there will be annoyingly long freezes when gpg checks for keys. This
happens with every message on bugtraq daily.
This might be somehow related to following kind of messages:
gpg: key 3D25D3D9: unsupported public key algorithm
gpg: key 3D25D3D9: no valid user IDs
[pub 2048/3D25D3D9 1999/03/06 SuSE Security Team <firstname.lastname@example.org> -- PGP
Very many organizations seem to sign their messages with PGP 2.6.3i
and fetching the signatures off a keyserver (using keyserver
wwwkeys.de.pgp.net) always fails.
The first problem has to do with the fact that when GPG is running, it can be
swapped out to disk by the kernel, which isn''t be cleared automatically when
it gets swapped in, so sensitive information might be there. To counter this,
GPG would have to be executing as root to lock its pages in RAM (i.e., running
GPG setuid-root, which it supports), which might lead to other problems. For
now, we won''t be doing that.
As for the keys, if they''re RSA keys, there''s nothing we can do about that while
the RSA algorithms are patented in the U.S.
*** Bug 19897 has been marked as a duplicate of this bug. ***