On Tue, 5 Sep 2017 02:45, marioxcc...@yandex.com said: > Are you sure that this is required in Solaris? At least in Debian > GNU/Linux there is no need to setuid the gpg binary to root. Root setuid > programs are a security problem. If an attacker can get control of this > program, he can operate with root privileges.
Actually gpg drops suid right after initializing memory and has several checks to make sure that it has been dropped. Any, I would ignore that problem for now. If the diagnostics is annoying no-secmem-warning in gpg.conf can be used. For the other problem I noticed that the gpg binary is pretty small and thus I assume gpg is some kind of wrapper script. Mote information on the installation is needed, in particular the gnupg versions and how it was build. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
pgp7AzZQ5SulM.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
