Hi there, I am trying to find a method to delete *running* memory/SWAP to get rid of the pgp-passphrase there after using it. To protect the passphrase I found several hints on the net, like these ones: -------------------------------------------------------------------------- " ... sudo chown root:root `which gpg` sudo chmod u+s `which gpg` gnupg needs root privs to lock the memory pages so they don't get inadvertantly paged out to disk. (Thereby leaving a plaintext copy of your "secure" message in disk for others to look at)." --------------------------------------------------------------------------- ".... Second, all passphrases are stored in non-secure memory, unless you "chown root" and "chmod 4755" your script first. Third, your script probably store passpharses somewhere on the disk, and this is *not* secure." --------------------------------------------------------------------------- setuid root = security risk? --------------------------------------------------------------------------- ".... 'setuid root' (chmod 4755 /usr/bin/gpg) , but this is also considered a security risk...." -------------------------------------------------------------------------- the following seems to be related to PGP *and* swap file: --------------------------------------------------------------------------- > We investigated the allegations made in the PGPdisk thread from a few > weeks ago. We were unable to duplicate the claim even after > significant testing. > > Interestingly, what we saw a couple of times is that the passphrase > was in the swap file because the disk editing program we were using > for the tests had put it there as it was searching for that string. > The moral of the story is that the very act of testing for this > problem requires a laboratory environment because any software which > searches for the passphrase under Win32 could write the passphrase to > disk because it is the search string. --------------------------------------------------------------------------- I also found the idea (if I understood it correctly ...) that in mutt it would be possible to remove the passphrase with <CTRL>F from memory .... but I am using pine, and I'd like to continue doing this ... :) I guess the most appropriate way is simply to remove the passphrase from memory by deleting running memory/Swap ... but is this possible with my machine? I have RedHat 6.1 on it, with the kernel from this version, and Pine 4.30. Thanks in anticipation. Wolfgang. -- http://www.jta.org/index.exe?9807133 Neo-Nazis intimidating travelers in German town (7/12/98) more info? ... please forward this mail to: [EMAIL PROTECTED] _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list