On 22/08/2022 20.10, Kenton Groombridge wrote:
Hi everyone,

I noticed that there are many systemd units which are shipped by various
packages which could be hardened, some further than they are currently and some
that could use some hardening in general.

Yes, please. Nevertheless, as others have already pointed out, this is an upstream issue and should be treated as such. That is, please feel encouraged and encourage others to submit patches upstream that adds hardening measurements to their systemd units. I usually find


a good starting point when I want to harden a service.

By addressing this upstream, everyone benefits, and potential issues caused by the hardening measurements are fixed faster (as they affect a more extensive user base).

- Flow

Attachment: OpenPGP_0x8CAC2A9678548E35.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply via email to