[tor-bugs] #12751 [Tor]: systemd unit file could use more filesystem namespace hardening options
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jul 31 09:33:16 UTC 2014
#12751: systemd unit file could use more filesystem namespace hardening options
---------------------------------+---------------------------
Reporter: intrigeri | Owner: intrigeri
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: tor-relays, systemd | Actual Points:
Parent ID: | Points:
---------------------------------+---------------------------
systemd has nice features to restrict what part of the filesystem a
service has read-only or read-write access to (ReadOnlyDirectories,
ReadWriteDirectories) that we could use. Also InaccessibleDirectories
could be made a bit more restrictive.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12751>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list