2018-01-16 10:22 GMT+01:00 Reindl Harald <[email protected]>: > > > Am 16.01.2018 um 10:20 schrieb Ludovic Gasc: > >> 2018-01-15 19:11 GMT+01:00 Reindl Harald <[email protected] <mailto: >> [email protected]>>: >> >> >> ReadOnlyDirectories=/etc >> ReadOnlyDirectories=/usr >> >> >> FYI, you can use ProtectSystem=strict to have more strict rules for the >> root filesystem: >> https://www.freedesktop.org/software/systemd/man/systemd.exe >> c.html#ProtectSystem= >> > > in reality i go even mor far and start with ReadOnlyDirectories=/ followed > by selective multiple "ReadWriteDirectories=" and a ton of > "InaccessibleDirectories=" but that's out of scope here because it depends > too much on the local environment :-)
Ok ;-)
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
