[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Use PrivateDevices instead of DeviceAllow
commit 1ac3b74405098d6cace271e0c5c6b0cf33ba0154
Author: Craig Andrews <candrews@xxxxxxxxxxxxxxxx>
Date: Fri Nov 28 12:36:17 2014 -0500
Use PrivateDevices instead of DeviceAllow
See 13805
---
contrib/dist/tor.service.in | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/contrib/dist/tor.service.in b/contrib/dist/tor.service.in
index 57409a7..6362855 100644
--- a/contrib/dist/tor.service.in
+++ b/contrib/dist/tor.service.in
@@ -16,8 +16,7 @@ LimitNOFILE = 32768
# Hardening
PrivateTmp = yes
-DeviceAllow = /dev/null rw
-DeviceAllow = /dev/urandom r
+PrivateDevices = yes
InaccessibleDirectories = /home
ReadOnlyDirectories = /
ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits