https://bugzilla.redhat.com/show_bug.cgi?id=1351354 Bug ID: 1351354 Summary: amavisd-new: additional systemd hardening Product: Fedora Version: 24 Component: amavisd-new Assignee: j.orti.alcaine@xxxxxxxxx Reporter: candrews@xxxxxxxxxxxxxxxx QA Contact: extras-qa@xxxxxxxxxxxxxxxxx CC: j.orti.alcaine@xxxxxxxxx, perl-devel@xxxxxxxxxxxxxxxxxxxxxxx, steve@xxxxxxxxx, vanmeeuwen+fedora@xxxxxxxxxxxx amavisd-new's systemd services should use more of systemd's hardening features. http://pkgs.fedoraproject.org/cgit/rpms/amavisd-new.git/tree/amavis-mc.service should probably have added to it: CapabilityBoundingSet= ProtectSystem=full ProtectHome=true http://pkgs.fedoraproject.org/cgit/rpms/amavisd-new.git/tree/amavisd-clean-quarantine.service should probably have added to it: CapabilityBoundingSet= ProtectSystem=full ProtectHome=true http://pkgs.fedoraproject.org/cgit/rpms/amavisd-new.git/tree/amavisd-clean-tmp.service should probably have added to it: CapabilityBoundingSet= ProtectSystem=full ProtectHome=true http://pkgs.fedoraproject.org/cgit/rpms/amavisd-new.git/tree/amavisd-snmp-zmq.service should probably have added to it: CapabilityBoundingSet= ProtectHome=true ProtectSystem=full http://pkgs.fedoraproject.org/cgit/rpms/amavisd-new.git/tree/amavisd-snmp.service should probably have added to it: CapabilityBoundingSet= ProtectHome=true ProtectSystem=full http://pkgs.fedoraproject.org/cgit/rpms/amavisd-new.git/tree/amavisd.service should probably have added to it: CapabilityBoundingSet= ProtectHome=true ProtectSystem=full -- You are receiving this mail because: You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
