systemd-service-file-missing-hardening-features
The specified systemd .service
file does not appear to
enable any hardening options.
systemd has support for many security-oriented features such as
isolating services from the network, private /tmp
directories,
as well as control over making directories appear read-only or even
inaccessible, etc.
Please consider supporting some options, collaborating upstream where necessary about any potential changes.
For more information please consult:
- the systemd.service(5) manual page
- http://0pointer.de/blog/projects/security.html
The tag is present in Lintian version 2.114.163
.
That is the most recent version we know about.
We use semantic versions.
The patch number is a commit step indicator relative to the
2.112.0
release tag in our Git
repository.
You can find the detection logic for this version at commit 02df726. For merge requests, please use the latest version in the Lintian check systemd.
This tag is experimental.
Visibility: pedantic