On Wednesday, 21 September 2016 at 18:05, Björn Persson wrote: > Michael Catanzaro <mcatanz...@gnome.org> wrote: > > Oh, GNOME keyring still works mostly fine, it just fails to lock the > > memory to prevent it from being paged to disk. It only really matters > > if you're running some ultra-secure military/government stuff, but it's > > not how it was designed to work. > > Although I can't find a source now, I seem to recall that GnuPG recently > stopped using special memory-locking widgets for its passphrase entry > dialog. One of the reasons mentioned was that mlock doesn't add much > security because hibernation will write even locked memory to the disk.
When using SecureBoot, hibernation is disabled, so only suspend-to-RAM might be a concern. Regards, Dominik -- Fedora http://fedoraproject.org/wiki/User:Rathann RPMFusion http://rpmfusion.org "Faith manages." -- Delenn to Lennier in Babylon 5:"Confessions and Lamentations" _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
