Package: sslh Version: 1.20-1 Severity: minor Dear Maintainer,
There might be room for improving the systemd service file you seem to have provided since version 1.15-1 where changelog said: + debian/sslh.service, based on upstream scripts/systemd.sslh.service It seems the upstream service file has evolved with security hardening[1] features, which has not been put into the debian variant. Please consider adding a patch in debian/patches that simply changes the EnvironmentFile variable instead of duplicating the service file. (You could either manually install upstreams file via debian/install or you could also symlink debian/sslh.service to upstreams service file to have debhelper install it for you.) I also wonder if you can't drop the sslh.tmpfile and simply use the 'RuntimeDirectory=sslh' directive in the service file to get the /run/sslh directory created for you. Regards, Andreas Henriksson [1]: https://lintian.debian.org/tags/systemd-service-file-missing-hardening-features.html