systemd unit file: ensures that the process and all its children can never gain · b4170421cc - CrySP Git Service

systemd unit file: ensures that the process and all its children can never gain
new privileges (#12939).

intrigeri 9 years ago

parent

b159ffb675

commit

b4170421cc

1 changed files with 1 additions and 0 deletions

Split View Show Diff Stats

						
							+ 1
							
							- 0
						
contrib/dist/tor.service.in
							 
								View File
							
				@@ -19,6 +19,7 @@ PrivateTmp = yes
			
				 DeviceAllow = /dev/null rw
			
				 DeviceAllow = /dev/urandom r
			
				 InaccessibleDirectories = /home
			
				+NoNewPrivileges = yes
			
				 [Install]
			
				 WantedBy = multi-user.target