enforced systemd services (was: Misc Developer News (#37))

To: Debian Development <debian-devel@lists.debian.org>
Cc: Paul Wise <pabs@debian.org>
Subject: enforced systemd services (was: Misc Developer News (#37))
From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Date: Tue, 25 Nov 2014 10:04:06 +0100
Message-id: <[🔎] CAOkSjBiFyTdnAtwSAxU+SS-_CGbr+Og5hwfoC0PphGmmCP8Q7w@mail.gmail.com>

On 25 November 2014 at 02:22, Paul Wise <pabs@debian.org> wrote:
>
> Making packages secure with systemd service files
> -------------------------------------------------
>
>  Packagers of Debian software, who are needing to create systemd service
>  files would benefit from learning from Lennart Poettering's recent
>  presentation (video[12], slides[13]) detailing various security features you
>  can enable in your package's service files. Many of these features are
>  simple to add, and would greatly enhance the overall security of Debian.
>
> -- Joe Hill
>
>  [12] http://ftp.nluug.nl/video/nluug/2014-11-20_nj14/zaal-2/5_Lennart_Poettering_-_Systemd.webm
>  [13] http://0pointer.net/public/systemd-nluug-2014.pdf
>

This seems pretty interesting.

Is there a Debian-specific policy on how to apply these directives?

-- 
Arturo Borrero González

Reply to:

Follow-Ups:
- Re: enforced systemd services (was: Misc Developer News (#37))
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: enforced systemd services (was: Misc Developer News (#37))
  - From: md@Linux.IT (Marco d'Itri)

Prev by Date: Bug#770915: ITP: utox -- uTox is a lightweight audio/video chat client based on the secure tox protocol.
Next by Date: Re: enforced systemd services (was: Misc Developer News (#37))
Previous by thread: Bug#770915: ITP: utox -- uTox is a lightweight audio/video chat client based on the secure tox protocol.
Next by thread: Re: enforced systemd services (was: Misc Developer News (#37))
Index(es):
- Date
- Thread