Loading changes/bug12751-systemd-filesystem-sandbox 0 → 100644 +5 −0 Original line number Diff line number Diff line o Distribution: - systemd unit file: only allow tor to write to /var/lib/tor and /var/log/tor. The rest of the filesystem is accessible for reading only. Patch by intrigeri; resolves ticket 12751. contrib/dist/tor.service.in +3 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,9 @@ PrivateTmp = yes DeviceAllow = /dev/null rw DeviceAllow = /dev/urandom r InaccessibleDirectories = /home ReadOnlyDirectories = / ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor ReadWriteDirectories = @LOCALSTATEDIR@/log/tor [Install] WantedBy = multi-user.target Loading
changes/bug12751-systemd-filesystem-sandbox 0 → 100644 +5 −0 Original line number Diff line number Diff line o Distribution: - systemd unit file: only allow tor to write to /var/lib/tor and /var/log/tor. The rest of the filesystem is accessible for reading only. Patch by intrigeri; resolves ticket 12751.
contrib/dist/tor.service.in +3 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,9 @@ PrivateTmp = yes DeviceAllow = /dev/null rw DeviceAllow = /dev/urandom r InaccessibleDirectories = /home ReadOnlyDirectories = / ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor ReadWriteDirectories = @LOCALSTATEDIR@/log/tor [Install] WantedBy = multi-user.target
