|
|
@@ -13,7 +13,20 @@ TimeoutSec = 15
|
|
|
NoNewPrivileges=true
|
|
|
SystemCallArchitectures=native
|
|
|
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK
|
|
|
-ProtectKernelModules=True
|
|
|
+RestrictNamespaces=true
|
|
|
+RestrictRealtime=true
|
|
|
+RestrictSUIDSGID=true
|
|
|
+ProtectClock=true
|
|
|
+ProtectControlGroups=true
|
|
|
+ProtectHostname=true
|
|
|
+ProtectKernelLogs=true
|
|
|
+ProtectKernelModules=true
|
|
|
+ProtectKernelTunables=true
|
|
|
+LockPersonality=true
|
|
|
+PrivateTmp=true
|
|
|
+PrivateDevices=false
|
|
|
+PrivateUsers=true
|
|
|
+RemoveIPC=true
|
|
|
SystemCallFilter=~@clock
|
|
|
SystemCallFilter=~@aio
|
|
|
SystemCallFilter=~@chown
|
Claus Vium