On Wed, 2 Aug 2006 21:37, Brian M. Carlson said:

> I am inclined to say that this is grave, but since gnupg tends to do
> memory allocation before it drops privileges, you might find that this

The allocation problem, which is an overflow like
malloc(numbercontrolledbyuser+20), can only happen after privs are
dropped. It is in the parser of the actual OpenPGP data. So there is
no privilege escalation, just a "normal" remote code execution possible.

BTW, in general I don't think it is worth installing gpg suid(root); there
are too many other bugs in the entire OS which will make it easier to
get the password than through a swap file.

Salam-Shalom,

   Werner
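
The malloc(numbercontrolledbyuser+20) pattern named in the message, shown as an added example that is not GnuPG's code and not part of the original mail: the wrapped size an unchecked 32-bit addition would request, beside a parser that rejects the length first. The field layout, unchecked_size, parse_field and the sample buffers are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define EXTRA 20u  /* fixed overhead added to the length, as in malloc(n+20) */

/* Size an unchecked 32-bit "n + 20" would request: wraps for n > UINT32_MAX - 20. */
static uint32_t unchecked_size(uint32_t n) { return n + EXTRA; }

/* Parse one constructed field: 4-byte big-endian length, then that many bytes.
 * Returns 0 and a heap copy in *out on success, -1 on any inconsistent length. */
static int parse_field(const uint8_t *buf, size_t buflen, uint8_t **out, size_t *outlen)
{
    if (buflen < 4) return -1;
    uint32_t n = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                 ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    if (n > buflen - 4) return -1;        /* claims more data than is present */
    if (n > SIZE_MAX - EXTRA) return -1;  /* n + 20 would wrap in size_t */
    uint8_t *p = calloc(1, (size_t)n + EXTRA);
    if (p == NULL) return -1;
    memcpy(p, buf + 4, n);
    *out = p;
    *outlen = n;
    return 0;
}

/* Constructed inputs: a hostile length and a well-formed 3-byte field. */
static const uint8_t bad_field[]  = { 0xFF, 0xFF, 0xFF, 0xF0, 'x' };
static const uint8_t good_field[] = { 0x00, 0x00, 0x00, 0x03, 'a', 'b', 'c' };

int main(void)
{
    uint8_t *data = NULL;
    size_t len = 0;
    printf("unchecked request for 0xFFFFFFF0: %u bytes\n",
           (unsigned)unchecked_size(0xFFFFFFF0u));
    printf("bad field:  %d\n", parse_field(bad_field, sizeof bad_field, &data, &len));
    printf("good field: %d\n", parse_field(good_field, sizeof good_field, &data, &len));
    free(data);
    return 0;
}
```

The bound against the bytes actually present is what stops the hostile length here; the wrap check matters on platforms where size_t is 32 bits.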