X-Git-Url: https://git.distorted.org.uk/u/mdw/catacomb/blobdiff_plain/8a26239fd26c599135d863912efa8d43b4764f44..5d01b1b9514a258c5a3c201e944f676cb2c467f0:/debian/catacomb-bin.templates

diff --git a/debian/catacomb-bin.templates b/debian/catacomb-bin.templates
index d4fb741..66fd54f 100644
--- a/debian/catacomb-bin.templates
+++ b/debian/catacomb-bin.templates
@@ -1,14 +1,16 @@
 Template: catacomb-bin/pixie-is-setuid
 Type: boolean
-Default: true
+Default: false
 Description: Install pixie setuid-root?
  Catacomb provides a `passphrase pixie' which prompts for passphrases
  (either on its terminal or using an external command) and remembers them
  for a configurable period of time.
  .
  For added security, the pixie can ensure that the memory it uses for
- passphrases is not swapped to disk.  To do this, it must be installed
- setuid root.  While the pixie has been carefully written so that this
- shouldn't be a security problem -- it allocates a small amount of memory,
- marks it as unswappable and then drops privileges immediately -- it may
- make some administrators nervous, so you have the option.
+ passphrases is not swapped to disk.  Nowadays this usually just works
+ assuming that users have a sensible RLIMIT_MEMLOCK setting.  Even so, it can
+ be installed setuid root just to make sure.  While the pixie has been
+ carefully written so that this shouldn't be a security problem -- it
+ allocates a small amount of memory, marks it as unswappable and then drops
+ privileges immediately -- it's not really recommended any more.  If in
+ doubt, say N here.