diff options
| author | Craig Andrews <candrews@integralblue.com> | 2014-11-28 12:36:17 -0500 |
|---|---|---|
| committer | Craig Andrews <candrews@integralblue.com> | 2014-11-28 12:36:17 -0500 |
| commit | 1ac3b74405098d6cace271e0c5c6b0cf33ba0154 (patch) | |
| tree | f1dc9637f3eca9526b342af735de3a3e47ee6f2b /contrib | |
| parent | 11b652acb382b181927d2c31a50e4c8621615083 (diff) | |
| download | tor-1ac3b74405098d6cace271e0c5c6b0cf33ba0154.tar.gz tor-1ac3b74405098d6cace271e0c5c6b0cf33ba0154.zip | |
Use PrivateDevices instead of DeviceAllow
See 13805
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/dist/tor.service.in | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in index 57409a7b0a..63628553dd 100644 --- a/contrib/dist/tor.service.in +++ b/contrib/dist/tor.service.in @@ -16,8 +16,7 @@ LimitNOFILE = 32768 # Hardening PrivateTmp = yes -DeviceAllow = /dev/null rw -DeviceAllow = /dev/urandom r +PrivateDevices = yes InaccessibleDirectories = /home ReadOnlyDirectories = / ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor |