1 files changed, 6 insertions, 0 deletions

diff --git a/roles/lists/files/etc/systemd/system/wwsympa.service b/roles/lists/files/etc/systemd/system/wwsympa.service
index 7d2440c..3f76aca 100644
--- a/roles/lists/files/etc/systemd/system/wwsympa.service
+++ b/roles/lists/files/etc/systemd/system/wwsympa.service
@@ -3,23 +3,29 @@ Description=WWSympa Service
 After=network.target
 PartOf=sympa.service
 Requires=wwsympa.socket
 
 [Service]
 StandardInput=socket
 User=sympa
 Group=sympa
 ExecStart=/usr/lib/cgi-bin/sympa/wwsympa.fcgi
 
 # Hardening
 NoNewPrivileges=yes
 PrivateDevices=yes
 ProtectHome=yes
 ProtectSystem=strict
 PrivateTmp=yes
 ReadWriteDirectories=/etc/sympa
 ReadWriteDirectories=/var/lib/sympa
 ReadWriteDirectories=-/var/run/sympa
 ReadWriteDirectories=/var/spool/sympa
+PrivateDevices=yes
+PrivateNetwork=yes
+ProtectControlGroups=yes
+ProtectKernelModules=yes
+ProtectKernelTunables=yes
+RestrictAddressFamilies=
 
 [Install]
 WantedBy=multi-user.target