Page MenuHome GnuPG

mlock requires privilege
Open, NormalPublic

Description

On Solaris, mlock(2) requires PRIV_PROC_LOCK_MEMORY} privilege to work.
Similarly, with FreeBSD kernel configured with

# sysctl security.bsd.unprivileged_mlock=0

It is priviledged operation.

Event Timeline

werner added a subscriber: werner.

It is possible to disable the mlock thingy and if that is not wanted the application should be modified to be suid(root) during Libgcrypt initialization - this is actually how we handle this in GnuPG. Or maybe I don't understand the bug described here. It seems to be more of a support question.