Russell Coker <russ...@coker.com.au> writes: > https://wiki.debian.org/ReleaseGoals/SystemdAnalyzeSecurity > > I think we should make it a release goal to have as many daemons as > possible running with systemd security features to aim for a low score > from "systmd- analyze security".
This repos from Trent Buck has a lot of research - https://github.com/cyberitsolutions/prisonpc-systemd-lockdown/tree/main/systemd/system/0-EXAMPLES (One of the issues for services that send email is that it is very easy to break exim)
