privoxy service: additional isolation

This commit is contained in:
Joachim Fasting 2016-12-05 12:25:31 +01:00
parent 54cea02d90
commit ad88f1040e
No known key found for this signature in database
GPG Key ID: 7544761007FE4E08

View File

@ -100,6 +100,11 @@ in
after = [ "network.target" "nss-lookup.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${privoxy}/sbin/privoxy --no-daemon --user ${privoxyUser} ${confFile}";
serviceConfig.PrivateDevices = true;
serviceConfig.PrivateTmp = true;
serviceConfig.ProtectHome = true;
serviceConfig.ProtectSystem = "full";
};
};