diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2018-12-09 18:15:10 +0100 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2018-12-09 20:25:40 +0100 |
commit | 2147ff3bd9091b88960e2243b2d7d76d03cadc89 (patch) | |
tree | fa970590ab58a1d42913deccbca3adef05eaae83 /roles/MSA/files/etc/systemd | |
parent | 2845af5f76ad3be9c0a1f69ab478ff5a08346a4c (diff) |
systemd.service: Tighten hardening options.
Diffstat (limited to 'roles/MSA/files/etc/systemd')
-rw-r--r-- | roles/MSA/files/etc/systemd/system/postfix-sender-login.service | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/roles/MSA/files/etc/systemd/system/postfix-sender-login.service b/roles/MSA/files/etc/systemd/system/postfix-sender-login.service index 09204fa..f5e6d89 100644 --- a/roles/MSA/files/etc/systemd/system/postfix-sender-login.service +++ b/roles/MSA/files/etc/systemd/system/postfix-sender-login.service @@ -15,6 +15,11 @@ NoNewPrivileges=yes PrivateDevices=yes ProtectHome=yes ProtectSystem=strict +PrivateDevices=yes +PrivateNetwork=yes +ProtectControlGroups=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes RestrictAddressFamilies=AF_UNIX [Install] |