Bug 11806 - insecure memory, unsupported public key algorithms.
insecure memory, unsupported public key algorithms.
Status: CLOSED NOTABUG
Product: Red Hat Raw Hide
Classification: Retired
Component: gnupg (Show other bugs)
1.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-05-31 15:47 EDT by Pekka Savola
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-05-31 15:47:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Pekka Savola 2000-05-31 15:47:41 EDT
gpg blurts out a message warning about using insecure memory:
---
gpg: Warning: using insecure memory!
---
(I''m assuming this always happens.. I upgraded with .src.rpm''s from RH51 
though)

Can this be fixed?


------

Also, when reading mails using rawhide pine that has gpg filters built in, 
there will be annoyingly long freezes when gpg checks for keys.  This 
happens with every message on bugtraq daily.

This might be somehow related to following kind of messages:
---
gpg: key 3D25D3D9: unsupported public key algorithm
gpg: key 3D25D3D9: no valid user IDs
---
[pub  2048/3D25D3D9 1999/03/06 SuSE Security Team <security@suse.de> -- PGP 
2.6.3i ]

Very many organizations seem to sign their messages with PGP 2.6.3i
and fetching the signatures off a keyserver (using keyserver 
wwwkeys.de.pgp.net) always fails.
Comment 1 Nalin Dahyabhai 2000-05-31 16:21:48 EDT
The first problem has to do with the fact that when GPG is running, it can be
swapped out to disk by the kernel, which isn''t be cleared automatically when
it gets swapped in, so sensitive information might be there.  To counter this,
GPG would have to be executing as root to lock its pages in RAM (i.e., running
GPG setuid-root, which it supports), which might lead to other problems.  For
now, we won''t be doing that.

As for the keys, if they''re RSA keys, there''s nothing we can do about that while
the RSA algorithms are patented in the U.S.
Comment 2 Nalin Dahyabhai 2000-10-27 13:00:11 EDT
*** Bug 19897 has been marked as a duplicate of this bug. ***

Note You need to log in before you can comment on or make changes to this bug.