On Wednesday, 21 September 2016 at 18:05, Björn Persson wrote:
> Michael Catanzaro <mcatanz...@gnome.org> wrote:
> > Oh, GNOME keyring still works mostly fine, it just fails to lock the
> > memory to prevent it from being paged to disk. It only really matters
> > if you're running some ultra-secure military/government stuff, but it's
> > not how it was designed to work.
> Although I can't find a source now, I seem to recall that GnuPG recently
> stopped using special memory-locking widgets for its passphrase entry
> dialog. One of the reasons mentioned was that mlock doesn't add much
> security because hibernation will write even locked memory to the disk.
When using SecureBoot, hibernation is disabled, so only suspend-to-RAM
might be a concern.
-- Delenn to Lennier in Babylon 5:"Confessions and Lamentations"
devel mailing list -- email@example.com
To unsubscribe send an email to devel-le...@lists.fedoraproject.org