Am 16.01.2018 um 10:20 schrieb Ludovic Gasc:
2018-01-15 19:11 GMT+01:00 Reindl Harald <h.rei...@thelounge.net
<mailto:h.rei...@thelounge.net>>:
ReadOnlyDirectories=/etc
ReadOnlyDirectories=/usr
FYI, you can use ProtectSystem=strict to have more strict rules for the
root filesystem:
https://www.freedesktop.org/software/systemd/man/systemd.exec.html#ProtectSystem=
in reality i go even mor far and start with ReadOnlyDirectories=/
followed by selective multiple "ReadWriteDirectories=" and a ton of
"InaccessibleDirectories=" but that's out of scope here because it
depends too much on the local environment :-)
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
