Comment 62 for bug 423252

Howard Chu (hyc) wrote : Re: NSS using LDAP on Karmic breaks 'su' and 'sudo'

Looking at the gcrypt code, it seems this bug should be reported against that; this whole secmem implementation (1) requires a program to be started as root (setuid) and (2) always drops the root priv when it has initialized its secure memory. These behaviors would certainly interfere with any setuid program's normal behavior. Seems like a design flaw in libgcrypt, as the docs http://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html#Initializing-the-library state that the application is responsible for controlling this behavior. Apps that are unaware that they are using gcrypt (because it came in implicitly through gnutls, thru libldap, thru nss) are SOL.
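An added example, not part of the original comment and not libgcrypt or nss code: a check a setuid program can wrap around any library initialization to detect the side effect described above, a change of process credentials made behind the application's back. `fake_lib_init` is a hypothetical stand-in for such a library routine, and all other names are assumptions of this example.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Bits reported by creds_diff(): which credential changed. */
enum { CH_UID = 1, CH_EUID = 2, CH_GID = 4, CH_EGID = 8 };

struct creds { uid_t uid, euid; gid_t gid, egid; };

/* Record the real and effective ids of the calling process. */
struct creds snapshot_creds(void) {
    struct creds c = { getuid(), geteuid(), getgid(), getegid() };
    return c;
}

/* Compare two snapshots and return a bitmask of the fields that differ. */
int creds_diff(const struct creds *a, const struct creds *b) {
    int m = 0;
    if (a->uid  != b->uid)  m |= CH_UID;
    if (a->euid != b->euid) m |= CH_EUID;
    if (a->gid  != b->gid)  m |= CH_GID;
    if (a->egid != b->egid) m |= CH_EGID;
    return m;
}

/* Run an init routine and report which credentials it altered. */
int check_init(void (*init)(void)) {
    struct creds before = snapshot_creds();
    init();
    struct creds after = snapshot_creds();
    return creds_diff(&before, &after);
}

/* Hypothetical stand-in for a library init that drops root after setup. */
void fake_lib_init(void) {
    if (setuid(getuid()) != 0) perror("setuid");
}

void noop_init(void) {}

int main(void) {
    int changed = check_init(fake_lib_init);
    if (changed & CH_EUID) {
        fprintf(stderr, "library init changed the effective uid\n");
        return 1;
    }
    puts("credentials unchanged by library init");
    return 0;
}
```

Run from a binary that is not setuid, real and effective uid already match and the check reports no change; in a setuid-root binary the same call would set the `CH_EUID` bit.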