2018-01-16 10:22 GMT+01:00 Reindl Harald <h.rei...@thelounge.net>: > > > Am 16.01.2018 um 10:20 schrieb Ludovic Gasc: > >> 2018-01-15 19:11 GMT+01:00 Reindl Harald <h.rei...@thelounge.net <mailto: >> h.rei...@thelounge.net>>: >> >> >> ReadOnlyDirectories=/etc >> ReadOnlyDirectories=/usr >> >> >> FYI, you can use ProtectSystem=strict to have more strict rules for the >> root filesystem: >> https://www.freedesktop.org/software/systemd/man/systemd.exe >> c.html#ProtectSystem= >> > > in reality i go even mor far and start with ReadOnlyDirectories=/ followed > by selective multiple "ReadWriteDirectories=" and a ton of > "InaccessibleDirectories=" but that's out of scope here because it depends > too much on the local environment :-)
Ok ;-)
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
