summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--misc-utils/uuidd.service.in11
1 files changed, 11 insertions, 0 deletions
diff --git a/misc-utils/uuidd.service.in b/misc-utils/uuidd.service.in
index a43b3c3e0..b4c9c4635 100644
--- a/misc-utils/uuidd.service.in
+++ b/misc-utils/uuidd.service.in
@@ -8,6 +8,17 @@ ExecStart=@usrsbin_execdir@/uuidd --socket-activation
Restart=no
User=uuidd
Group=uuidd
+ProtectSystem=strict
+ProtectHome=yes
+PrivateDevices=yes
+PrivateNetwork=yes
+PrivateUsers=yes
+ProtectKernelTunables=yes
+ProtectKernelModules=yes
+ProtectControlGroups=yes
+RestrictAddressFamilies=AF_UNIX
+MemoryDenyWriteExecute=yes
+SystemCallFilter=@default @file-system @basic-io @system-service @signal @io-event @network-io
[Install]
Also=uuidd.socket
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-30 05:51:25 +0200