Package: linux-2.6 Version: 2.6.24-4 Severity: wishlist Tags: security Hi,
Currently, the default value for RLIMIT_MEMLOCK (defined in include/linux/resource.h) is 32 KiB, because this value is enough for GnuPG. However this value is not enough for gnome-keyring-daemon, which will store both SSH and GnuPG keys, plus user passwords for various kinds of resources. Upstream authors recommend to provide a limit of at least 256 KiB for RLIMIT_MEMLOCK for the keys to remain securely in memory. Given the amount of memory in current machines, I think 256 KiB is still a very reasonable value. Could you please increase the default in the kernel? Thanks, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `- our own. Resistance is futile.
signature.asc
Description: Ceci est une partie de message numériquement signée
