diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2018-12-09 18:15:10 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2018-12-09 20:25:40 +0100 |
commit | 2147ff3bd9091b88960e2243b2d7d76d03cadc89 (patch) | |
tree | fa970590ab58a1d42913deccbca3adef05eaae83 /roles/IMAP/files/etc/systemd | |
parent | 2845af5f76ad3be9c0a1f69ab478ff5a08346a4c (diff) |
systemd.service: Tighten hardening options.
Diffstat (limited to 'roles/IMAP/files/etc/systemd')
-rw-r--r-- | roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service b/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service index 7e790e3..d20f9c2 100644 --- a/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service +++ b/roles/IMAP/files/etc/systemd/system/dovecot-auth-proxy.service @@ -15,6 +15,11 @@ NoNewPrivileges=yes PrivateDevices=yes ProtectSystem=strict ProtectHome=read-only +PrivateDevices=yes +PrivateNetwork=yes +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes RestrictAddressFamilies= [Install] |