14 lines
394 B
Common Lisp
14 lines
394 B
Common Lisp
|
|
||
|
; This file will contain prebaked settings designed to be dropped in.
|
||
|
|
||
|
(in-package :sst-drop-ins)
|
||
|
(defparameter *security-drop-ins*
|
||
|
'("ProtectSystem=full"
|
||
|
"InaccessiblePaths=/etc/shadow"
|
||
|
"ProtectKernelLogs=true"
|
||
|
"ProtectKernelModules=true"
|
||
|
"ProtectKernelTunables=true"
|
||
|
"LockPersonality=true"
|
||
|
"ProtectControlGroups=true"
|
||
|
))
|