judahsotomayor/sst
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
31b4a31d60
sst/lib/preconfigs.lisp
J S 31b4a31d60
feat[lib,readme] Added -s flag 
Added -s security flag.
Added image to readme
2023-12-20 13:08:03 -05:00

14 lines
394 B
Common Lisp
Raw Blame History

; This file will contain prebaked settings designed to be dropped in.
(in-package :sst-drop-ins)
(defparameter *security-drop-ins*
'("ProtectSystem=full"
"InaccessiblePaths=/etc/shadow"
"ProtectKernelLogs=true"
"ProtectKernelModules=true"
"ProtectKernelTunables=true"
"LockPersonality=true"
"ProtectControlGroups=true"
))
Reference in New Issue View Git Blame Copy Permalink