Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge branch 'jb44449' into 'master'
[sensorfw] Sandbox the sensorfwd service. JB#44449

See merge request mer-core/sensorfw!38
  • Loading branch information
mlehtima committed Feb 6, 2020
2 parents 043fb68 + 2926a49 commit ec5813f
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions rpm/sensorfwd.service
Expand Up @@ -11,6 +11,12 @@ ExecStart=/usr/sbin/sensorfwd -c=/etc/sensorfw/primaryuse.conf --systemd --log-l
ExecReload=/bin/kill -HUP $MAINPID
Restart=always
RestartSec=1
# Sandboxing
CapabilityBoundingSet=CAP_DAC_OVERRIDE CAP_FOWNER
PrivateNetwork=true
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=full

[Install]
WantedBy=graphical.target
Expand Down

0 comments on commit ec5813f

Please sign in to comment.