Use PrivateDevices instead of DeviceAllow

See 13805
author: Craig Andrews <candrews@integralblue.com> 2014-11-28 12:36:17 -0500
committer: Craig Andrews <candrews@integralblue.com> 2014-11-28 12:36:17 -0500
commit: 1ac3b74405098d6cace271e0c5c6b0cf33ba0154 (patch)
tree: f1dc9637f3eca9526b342af735de3a3e47ee6f2b /contrib/dist
parent: 11b652acb382b181927d2c31a50e4c8621615083 (diff)
download: tor-1ac3b74405098d6cace271e0c5c6b0cf33ba0154.tar.gz
tor-1ac3b74405098d6cace271e0c5c6b0cf33ba0154.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in
index 57409a7b0a..63628553dd 100644
--- a/contrib/dist/tor.service.in
+++ b/contrib/dist/tor.service.in
@@ -16,8 +16,7 @@ LimitNOFILE = 32768
 
 # Hardening
 PrivateTmp = yes
-DeviceAllow = /dev/null rw
-DeviceAllow = /dev/urandom r
+PrivateDevices = yes
 InaccessibleDirectories = /home
 ReadOnlyDirectories = /
 ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor
author	Craig Andrews <candrews@integralblue.com>	2014-11-28 12:36:17 -0500
committer	Craig Andrews <candrews@integralblue.com>	2014-11-28 12:36:17 -0500
commit	1ac3b74405098d6cace271e0c5c6b0cf33ba0154 (patch)
tree	f1dc9637f3eca9526b342af735de3a3e47ee6f2b /contrib/dist
parent	11b652acb382b181927d2c31a50e4c8621615083 (diff)
download	tor-1ac3b74405098d6cace271e0c5c6b0cf33ba0154.tar.gz tor-1ac3b74405098d6cace271e0c5c6b0cf33ba0154.zip