mlock requires privilege
Open, NormalPublic

Description

On Solaris, mlock(2) requires PRIV_PROC_LOCK_MEMORY} privilege to work.
Similarly, with FreeBSD kernel configured with

# sysctl security.bsd.unprivileged_mlock=0

It is priviledged operation.

gniibe created this task.Jan 24 2020, 2:21 AM
werner edited projects, added FAQ; removed Bug Report.Thu, Jan 7, 11:22 AM
werner added a subscriber: werner.

It is possible to disable the mlock thingy and if that is not wanted the application should be modified to be suid(root) during Libgcrypt initialization - this is actually how we handle this in GnuPG. Or maybe I don't understand the bug described here. It seems to be more of a support question.