Diff between caeabc41274fce997edf9314de1d7f1e9ae04055 and 8d2db81eb7f508bbe4c89c3e9178a11ee086912e
Changed Files
| File | Additions | Deletions | Status |
| src/bluetooth.service.in | +6 | -0 | modified |
Full Patch
diff --git a/src/bluetooth.service.in b/src/bluetooth.service.in
index f9faaa4..7c2f60b 100644
--- a/src/bluetooth.service.in
+++ b/src/bluetooth.service.in
@@ -12,8 +12,14 @@ NotifyAccess=main
#Restart=on-failure
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
LimitNPROC=1
+
+# Filesystem lockdown
ProtectHome=true
ProtectSystem=full
+PrivateTmp=true
+
+# Privilege escalation
+NoNewPrivileges=true
[Install]
WantedBy=bluetooth.target