extend matterbridge service hardening

2024-12-19 12:54:41 -05:00 · 2022-08-09 06:18:21 -04:00 · 2022-08-09 06:18:21 -04:00 · 5a4b71ed29
commit 5a4b71ed29
parent 28c063bdc2
1 changed files with 8 additions and 0 deletions
--- a/systemd/system/matterbridge.service.d/hardening.conf
+++ b/systemd/system/matterbridge.service.d/hardening.conf
@ -0,0 +1,8 @@
 [Service]
 # use a persistent user so that nftables can use it for skuid rules
 DynamicUser=false
 MemoryDenyWriteExecute=true
 RemoveIPC=true
 ProcSubset=pid
 ProtectProc=invisible