https://bugzilla.novell.com/show_bug.cgi?id=224135 Summary: drop setuid root bit from gpg Product: openSUSE 10.3 Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: kssingvo@novell.com ReportedBy: meissner@novell.com QAContact: qa@suse.de CC: security-team@suse.de gpg only needs a setuid root bit to do mlock(2) (if i see it correectly). With newer Linux 2.6 kernels there is a small amout of memory that every user can lock, so root privileges are no longer necessary. So we should drop the setuid root bit for 10.3+ -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.