11 Jan
2015
11 Jan
'15
4:27 p.m.
commit 1ac3b74405098d6cace271e0c5c6b0cf33ba0154 Author: Craig Andrews <candrews@integralblue.com> Date: Fri Nov 28 12:36:17 2014 -0500 Use PrivateDevices instead of DeviceAllow See 13805 --- contrib/dist/tor.service.in | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in index 57409a7..6362855 100644 --- a/contrib/dist/tor.service.in +++ b/contrib/dist/tor.service.in @@ -16,8 +16,7 @@ LimitNOFILE = 32768 # Hardening PrivateTmp = yes -DeviceAllow = /dev/null rw -DeviceAllow = /dev/urandom r +PrivateDevices = yes InaccessibleDirectories = /home ReadOnlyDirectories = / ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor