[tor-bugs] #20930 [Core Tor/Tor]: Use new systemd hardening options
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Dec 16 12:04:32 UTC 2016
#20930: Use new systemd hardening options
---------------------------------------+----------------------------------
Reporter: serafean | Owner:
Type: enhancement | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-03-unspecified-201612 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------------+----------------------------------
Comment (by serafean):
three more settings :
{{{
RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
MemoryDenyWriteExecute=yes
RestrictNamespaces=yes #Available in systemd-233
}}}
Tor still starts and works with these set.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20930#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list