Re: mutt/580: mutt stores PGP passphrase insecurely
Earlier in this bug it was stated that a process must be root to
mlock() memory under Linux. That was true back then (this is a
long-lived bug), but it is no longer true in more modern kernels.
These days, any process can mlock() however much memory the user
chooses to allow it to lock (set via ulimit like the other limits).
At least on Linux, mutt can do the right thing with storing
passphrases securely. This may be true on other systems as well, but
I can only say for sure about Linux,
David