final dev
This commit is contained in:
@@ -815,7 +815,9 @@ StandardError=journal
|
|||||||
SyslogIdentifier=ripster-backend
|
SyslogIdentifier=ripster-backend
|
||||||
|
|
||||||
# Sicherheit
|
# Sicherheit
|
||||||
NoNewPrivileges=true
|
# Für Skriptausführung via GUI (inkl. optionalem sudo in User-Skripten)
|
||||||
|
# darf no_new_privileges nicht aktiv sein.
|
||||||
|
NoNewPrivileges=false
|
||||||
ProtectSystem=full
|
ProtectSystem=full
|
||||||
ProtectHome=read-only
|
ProtectHome=read-only
|
||||||
ReadWritePaths=${INSTALL_DIR}/backend/data ${INSTALL_DIR}/backend/logs /tmp
|
ReadWritePaths=${INSTALL_DIR}/backend/data ${INSTALL_DIR}/backend/logs /tmp
|
||||||
|
|||||||
@@ -561,7 +561,9 @@ SyslogIdentifier=ripster-backend
|
|||||||
DevicePolicy=auto
|
DevicePolicy=auto
|
||||||
SupplementaryGroups=video render cdrom disk
|
SupplementaryGroups=video render cdrom disk
|
||||||
|
|
||||||
NoNewPrivileges=true
|
# Für Skriptausführung via GUI (inkl. optionalem sudo in User-Skripten)
|
||||||
|
# darf no_new_privileges nicht aktiv sein.
|
||||||
|
NoNewPrivileges=false
|
||||||
ProtectSystem=full
|
ProtectSystem=full
|
||||||
ProtectHome=read-only
|
ProtectHome=read-only
|
||||||
ReadWritePaths=${INSTALL_DIR}/backend/data ${INSTALL_DIR}/backend/logs /tmp
|
ReadWritePaths=${INSTALL_DIR}/backend/data ${INSTALL_DIR}/backend/logs /tmp
|
||||||
|
|||||||
Reference in New Issue
Block a user