mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-01-31 09:14:28 +00:00
7d09d7f571
This is what is still exposed, and it should still allow things to work as usual. ✗ PrivateNetwork= Service has access to the host's … 0.5 ✗ RestrictAddressFamilies=~AF_(INET… Service may allocate Internet soc… 0.3 ✗ DeviceAllow= Service has a device ACL with som… 0.1 ✗ IPAddressDeny= Service does not define an IP add… 0.2 ✗ PrivateDevices= Service potentially has access to… 0.2 ✗ PrivateUsers= Service has access to other users 0.2 ✗ SystemCallFilter=~@resources System call allow list defined fo… 0.2 ✗ RootDirectory=/RootImage= Service runs within the host's ro… 0.1 ✗ SupplementaryGroups= Service runs with supplementary g… 0.1 ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1 → Overall exposure level for home-assistant.service: 1.6 OK :-) This can grow to as much as ~1.9 if you use one of the bluetooth or nmap trackers or the emulated_hue component, all of which required elevated permisssions. |
||
|---|---|---|
| .. | ||
| admin | ||
| amqp | ||
| audio | ||
| backup | ||
| blockchain/ethereum | ||
| cluster | ||
| computing | ||
| continuous-integration | ||
| databases | ||
| desktops | ||
| development | ||
| display-managers | ||
| editors | ||
| games | ||
| hardware | ||
| logging | ||
| misc | ||
| monitoring | ||
| network-filesystems | ||
| networking | ||
| printing | ||
| scheduling | ||
| search | ||
| security | ||
| system | ||
| torrent | ||
| ttys | ||
| video | ||
| wayland | ||
| web-apps | ||
| web-servers | ||
| x11 | ||