removing the secmem warning

Frank Tobin ftobin@neverending.org
Mon Jan 7 21:26:01 2002


Andrew McDonald, at 19:41 -0000 on 2002-01-07, wrote:

> "secmem" is covered in the README for those compiling for source. For
> those installing packages (rpms, debs, etc) then the package maintainer
> ought to get the package to set it up appropriately automatically.

Sorry, but this isn't going to help.  No way around it.  Over time I'm
solidly convinced of this.  Many packaging mechanisms don't contain
routines to 'notify' a user of such stuff.  It also doesn't help
unattended installs.

Anyways, on a multi-user machine, the users aren't even the ones
installing the softare!  All they get is the executable, and a manpage
(which they probably won't read). (I'm intentionaly avoiding issues of
running GnuPG on a multi-user system).

> gpg: Warning: using insecure memory!
> see http://www.gnupg.org/faq.html#q6.1 for information

I strongly think that the URL should *not* contain section numbers.  This
makes the URL much more likely to break over time.  On a similar note, I
don't recommend that any URLs that GnuPG spit out not contain .html if
they can avoid it; it also doesn't help forware compatiblity.

I recommend:
http://www.gnupg.org/faq/insecure-memory

-- 
Frank Tobin		http://www.neverending.org/~ftobin/