]> granicus.if.org Git - pdns/commitdiff
Mount /home and /run/user read-only
authorRuben Kerkhof <ruben@rubenkerkhof.com>
Wed, 4 Feb 2015 10:13:07 +0000 (11:13 +0100)
committerRuben Kerkhof <ruben@rubenkerkhof.com>
Tue, 10 Feb 2015 08:44:47 +0000 (09:44 +0100)
contrib/systemd-pdns-recursor.service

index e1d9420beff780b0a158bb09e7798920cb64a9f1..152763e196efa3770b028f17d99fa251220611ec 100644 (file)
@@ -12,6 +12,7 @@ PrivateDevices=true
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 NoNewPrivileges=true
 ProtectSystem=full
+ProtectHome=true
 
 [Install]
 WantedBy=multi-user.target