On Tue, 13.12.16 01:56, Rahul Sundaram (metherid(a)gmail.com) wrote:
> Hi
> On Mon, Dec 12, 2016 at 4:03 PM Lennart Poettering
> > Hmm, yeah, I should probably blog more about all the nice sandboxing
> > features we have now in systemd.
> It would be useful if we could set these types of options system-wide, for
> both the distribution/vendor and for admin overrides, with services that can
> opt out rather than opt in.
Well, the security policies need to be adapted to the service in
question, hence a blanket switch to enable all of them for every
service is problematic. Let's say you block gettimeofday()
system-wide, but then run an NTP service: you just broke it...
I fear it's too late to turn on all sandboxing options by default for
regular services. If we had had them back when we started, we
of course would have made them opt-out rather than opt-in, but that's
too late now...
Lennart
--
Lennart Poettering, Red Hat
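As an added illustration of the point made in this message (not code from the thread or from the systemd project), here is how the "vendor ships the hardening, admin relaxes per service" split looks in practice: a hypothetical NTP unit that opts in to systemd's sandboxing directives, plus an admin drop-in that re-enables only the clock-setting interfaces the daemon genuinely needs instead of flipping everything off. The service name, binary path and user are placeholders; some of the directives used (ProtectClock=, the @system-service and @clock filter groups) postdate this 2016 message.

```ini
# Added example, not part of the thread or the systemd project.
# Vendor copy: /usr/lib/systemd/system/example-ntp.service  (hypothetical)
[Unit]
Description=Example NTP daemon (hypothetical)

[Service]
ExecStart=/usr/sbin/example-ntpd
User=ntp
# Filesystem view: read-only OS, no home directories, private /tmp and /dev
ProtectSystem=strict
ProtectHome=yes
PrivateTmp=yes
PrivateDevices=yes
# Kernel attack surface
ProtectKernelTunables=yes
ProtectKernelModules=yes
ProtectControlGroups=yes
RestrictRealtime=yes
NoNewPrivileges=yes
# Syscall allow-list: the baseline most daemons need and nothing more.
# @system-service deliberately excludes the @clock group (settimeofday,
# clock_settime, adjtimex, ...), so as shipped this unit would break a time
# daemon exactly the way the message describes.
SystemCallFilter=@system-service
# Drop every capability and deny clock changes outright
CapabilityBoundingSet=
ProtectClock=yes

[Install]
WantedBy=multi-user.target

# Admin drop-in: /etc/systemd/system/example-ntp.service.d/override.conf
# Merged over the vendor unit on `systemctl daemon-reload`; only the
# clock-related restrictions are relaxed, everything above stays in force.
[Service]
# An empty assignment resets a list-valued setting before re-adding entries
SystemCallFilter=
SystemCallFilter=@system-service @clock
CapabilityBoundingSet=
CapabilityBoundingSet=CAP_SYS_TIME
# The service runs as a non-root user, so the capability must also be
# granted as an ambient capability or it is lost at exec()
AmbientCapabilities=CAP_SYS_TIME
ProtectClock=no
```

After `systemctl daemon-reload`, `systemctl cat example-ntp.service` shows the vendor unit with the drop-in appended, and `systemd-analyze security example-ntp.service` scores the resulting exposure so the admin can see that relaxing the clock directives left the filesystem and kernel protections intact. The same drop-in mechanism is what makes per-service opt-out workable where a global switch is not: the distribution's default stays strict, and each exception is explicit and reviewable.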