removing the secmem warning
Stefan Bellon
sbellon@sbellon.de
Tue Jan 8 00:40:02 2002
Frank Tobin <ftobin@neverending.org> wrote:
> Stefan Bellon, at 23:02 +0100 on 2002-01-07, wrote:
> > In a security software, I want to know about all security concerns
> > that may occur! If I decide to ignore them, then I may do so, but
> > at first I want that the program doesn't hide any potential
> > problems away from me.
> There are a heck of a lot more security concerns that GnuPG could
> tell you about than just the secmem warning, such as anyone else
> logged onto the system, any network connection, the location of the
> gpg binary that you're running, if your OS has any security holes,
> etc, etc. All of these issues can affect your GnuPG session's
> security directly or indirectly. However, their existence doesn't
> mean that GnuPG should be warning you about them.
That's different. GnuPG can't know about everything on my system
(especially not about security holes and information of the system
GnuPG has no access to). But if GnuPG *knows* that it's currently doing
something which could cause problems, then I want it to tell me.
> You're using an inffective blanket argument.
No, I'm not. See above. Something like "deliberately" vs. "on
oversight".
Greetings,
Stefan.
--
Stefan Bellon * <mailto:sbellon@sbellon.de> * <http://www.sbellon.de/>
PGP 2 and OpenPGP keys available from my home page
Data file? No thanks, I prefer to date people