[Pkg-dns-devel] Bug#863841: Enable systemd hardening options for named
Simon Deziel
simon at sdeziel.info
Wed Dec 13 19:38:12 UTC 2017
Hi,
It would be really nice to have those hardening options used. I use them
locally on Ubuntu. Please note that the Private*/Protect* options (using
the mount namespace) require this change to the Apparmor profile:
-/usr/sbin/named {
+/usr/sbin/named flags=(attach_disconnected) {
Thanks,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-dns-devel/attachments/20171213/12221da8/attachment.sig>
More information about the pkg-dns-devel
mailing list