On Jul 04, "Trent W. Buck" <trentb...@gmail.com> wrote:

> * If it runs its own process manager (e.g. postfix's "master"),
>   don't bother trying to harden it.
I disagree. It may not be possible to use NoNewPrivileges, but at least
file system hardening is usually trivial to enable for most daemons.

> * If it sends mail via /usr/sbin/sendmail,
>   don't bother trying to harden it.
See above.

> If it sends mail via smtp://localhost, that's MUCH easier.
> Start encouraging upstreams to do that instead?
Do you know an appropriate C library that could be used?
Speaking proper SMTP is a bit harder than rfc821 | sendmail, so let's
try to not overshoot...

> Moving pidfiles from /run/%p.pid to /run/%p/%p.pid and
> letting systemd do the User=%p can help quite a bit.
In general, all services should be STRONGLY encouraged to use
RuntimeDirectory, StateDirectory, etc...
Also because this makes it possible to implement the "file system
factory reset" patterns.

-- 
ciao,
Marco
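The unit below is an added illustration of the points raised in the exchange above (pidfile under /run/%p/, User=%p, RuntimeDirectory/StateDirectory, file system hardening without NoNewPrivileges); it is not code from either poster. The daemon name "exampled", its binary path and its --pidfile option are assumptions made for the example.

```ini
# Added example, not from the thread. "exampled", /usr/sbin/exampled and
# the --pidfile option are hypothetical.

# BEFORE: the pattern being discouraged. The pidfile lives directly in
# /run, which only root can write to, so the daemon has to start as root
# (or stay root) just to drop its pidfile, and nothing else is confined.
[Service]
Type=forking
ExecStart=/usr/sbin/exampled --pidfile /run/exampled.pid
PIDFile=/run/exampled.pid

# AFTER: systemd owns the directory lifecycle and the daemon owns nothing
# outside the directories systemd hands it. %p expands to the unit name
# prefix, here "exampled".
[Unit]
Description=Example daemon (hardened)

[Service]
Type=forking
# The daemon is started directly as an unprivileged user; systemd creates
# /run/%p/ owned by that user before ExecStart runs, so the pidfile can be
# written without any root privilege.
User=%p
Group=%p
ExecStart=/usr/sbin/exampled --pidfile /run/%p/%p.pid
PIDFile=/run/%p/%p.pid

# Per-service directories managed by systemd: /run/%p (volatile),
# /var/lib/%p (persistent state), /var/log/%p and /var/cache/%p. Because
# systemd creates them, they can be wiped and recreated on a fresh boot,
# which is what makes the "factory reset" pattern possible.
RuntimeDirectory=%p
RuntimeDirectoryMode=0750
StateDirectory=%p
LogsDirectory=%p
CacheDirectory=%p

# File system hardening. This works even for daemons that run their own
# process manager and therefore cannot use NoNewPrivileges=: it confines
# the view of the file system, not the privilege transitions.
ProtectSystem=strict      # whole tree read-only except the dirs above
ProtectHome=yes           # /home, /root, /run/user hidden
PrivateTmp=yes            # private /tmp and /var/tmp
PrivateDevices=yes        # minimal /dev, no raw device access
ProtectKernelTunables=yes # /proc/sys, /sys read-only
ProtectKernelModules=yes
ProtectControlGroups=yes
# Anything else the daemon must write to has to be listed explicitly,
# e.g. ReadWritePaths=/var/spool/exampled ; with ProtectSystem=strict the
# default is that nothing else is writable.

[Install]
WantedBy=multi-user.target
```

A quick way to check the effect of the second version is `systemd-analyze security exampled.service` on a host with systemd, which scores the unit on exactly these directives; the directories named by RuntimeDirectory= and friends stay writable under ProtectSystem=strict because systemd creates them and opens them up itself, so no ReadWritePaths= entry is needed for them.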