mivirl [Sun, 26 May 2024 05:05:45 +0000 (00:05 -0500)]
sandbox: Improve systemd template overrides
Improved templates to make breakage less likely and rely less on
newer systemd features to provide security. Tested with v239 as the
earliest version, but should still work with earlier versions as well.
Exposure levels from `systemd-analyze security` on v252 (scale is
from 0-10 with lower being more secure)
- nginx: 2.3 OK
- apache2: 2.2 OK
projects / hardening-scripts.git / log