diff options
| author | Joachim Fasting <joachifm@fastmail.fm> | 2016-03-23 20:42:01 +0100 |
|---|---|---|
| committer | Joachim Fasting <joachifm@fastmail.fm> | 2016-03-24 17:14:22 +0100 |
| commit | 03bdf8f03cbc9157bd04aa786d366bdbb2acd234 (patch) | |
| tree | 54b1ebf3ab8f31d59c22946b68f1080e66cbed2a /nixos/modules/services/networking/dnscrypt-proxy.nix | |
| parent | 4001917359db57b75662581e55d33e38fa60bc2d (diff) | |
dnscrypt-proxy service: additional hardening
Run the daemon with private /home and /run/user to
prevent it from enumerating users on the system.
Diffstat (limited to 'nixos/modules/services/networking/dnscrypt-proxy.nix')
| -rw-r--r-- | nixos/modules/services/networking/dnscrypt-proxy.nix | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/dnscrypt-proxy.nix b/nixos/modules/services/networking/dnscrypt-proxy.nix index e6204a387bda..3d5ce7b9d5ce 100644 --- a/nixos/modules/services/networking/dnscrypt-proxy.nix +++ b/nixos/modules/services/networking/dnscrypt-proxy.nix @@ -204,6 +204,7 @@ in PrivateTmp = true; PrivateDevices = true; + ProtectHome = true; }; }; }; |