[tor-bugs] #20930 [Core Tor/Tor]: Use new systemd hardening options

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Mar 12 12:30:15 UTC 2018

#20930: Use new systemd hardening options
 Reporter:  serafean            |          Owner:  (none)
     Type:  enhancement         |         Status:  new
 Priority:  Medium              |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor        |        Version:
 Severity:  Normal              |     Resolution:
 Keywords:  systemd, packaging  |  Actual Points:
Parent ID:                      |         Points:
 Reviewer:                      |        Sponsor:

Comment (by bundesgebaermutter):

 My relay also has syscall filtering applied. Works fine with 0.3.2 and
 high ports.

 SystemCallFilter=~@clock @cpu-emulation @keyring @module @mount
 @privileged @raw-io

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20930#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list