| 1 | Template: catacomb-bin/pixie-is-setuid |
| 2 | Type: boolean |
| 3 | Default: true |
| 4 | Description: Install pixie setuid-root? |
| 5 | Catacomb provides a `passphrase pixie' which prompts for passphrases |
| 6 | (either on its terminal or using an external command) and remembers them |
| 7 | for a configurable period of time. |
| 8 | . |
| 9 | For added security, the pixie can ensure that the memory it uses for |
| 10 | passphrases is not swapped to disk. To do this, it must be installed |
| 11 | setuid root. While the pixie has been carefully written so that this |
| 12 | shouldn't be a security problem -- it allocates a small amount of memory, |
| 13 | marks it as unswappable and then drops privileges immediately -- it may |
| 14 | make some administrators nervous, so you have the option. |