subject:"Bug#820808\: haveged should start with DevicePolicy=closed"

Bug#820808: haveged should start with DevicePolicy=closed

2016-05-13 Thread Nicolas Braud-Santoni

Control: fixed -1 1.9.1-2
Control: fixed -1 1.9.1-3
Control: close -1 1.9.1-2
thanks

Nevermind, this is implicit when PrivateDevices is set.
Cf systemd.exec(5)


signature.asc
Description: PGP signature

Bug#820808: haveged should start with DevicePolicy=closed

2016-04-12 Thread Nicolas Braud-Santoni

Package: haveged
Version: 1.9.1-3
Severity: wishlist

Hi Lunar,

I think the unit file for haveged should include DevicePolicy=closed,
  reducing the impact of it having CAP_SYS_ADMIN.

I tested that here, and it works fine.

What do you think?


Best,

  nicoo


-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages haveged depends on:
ii  init-system-helpers  1.29
ii  libc62.22-5
ii  libhavege1   1.9.1-3
ii  lsb-base 9.20160110

haveged recommends no packages.

haveged suggests no packages.

-- no debconf information

Bug#820808: haveged should start with DevicePolicy=closed

Bug#820808: haveged should start with DevicePolicy=closed

2 matches

Site Navigation

Mail list logo

Footer information