On Mon, Jul 03, 2023 at 11:40:18PM +0200, Marco d'Itri wrote: > This is a good example of what an almost fully sandboxed service looks > like: > > https://salsa.debian.org/md/rpki-client/-/blob/master/debian/rpki-client.service Cool but looks like a lot of work. Is it possible to do this without applying the flags one by one and testing the result? Is it easier to start with applying all of them and then looking what needs to be disabled?
- systmd-analyze security as a release goal Russell Coker
- Re: systmd-analyze security as a release goal Jonathan Carter
- Re: systmd-analyze security as a release goal Cyril Brulebois
- Re: systmd-analyze security as a release goal RL
- Re: systmd-analyze security as a release goal Richard Laager
- Re: systmd-analyze security as a release goal Simon McVittie
- Re: Re: systmd-analyze security as a rele... Josh Triplett
- Re: systmd-analyze security as a release goal Marco d'Itri
- Re: systmd-analyze security as a release ... Andrey Rakhmatullin
- Re: systmd-analyze security as a rele... Marco d'Itri
- Re: systmd-analyze security as a... Trent W. Buck
- Re: systmd-analyze security as a release ... Trent W. Buck
- Re: systemd-analyze security as a release goa... Trent W. Buck
- Re: systemd-analyze security as a release... Marco d'Itri
- Re: systemd-analyze security as a rel... Trent W. Buck
- Re: systmd-analyze security as a release goal Russell Coker
- Re: systmd-analyze security as a release goal Philipp Kern
- Re: systmd-analyze security as a release ... Russ Allbery
- Re: systmd-analyze security as a rele... Trent W. Buck