Re: Systemd service hardening project

To: debian-devel@lists.debian.org
Subject: Re: Systemd service hardening project
From: Jarl Gullberg <jarl.gullberg@visar-systems.com>
Date: Sat, 29 Nov 2025 15:21:07 +0100
Message-id: <[🔎] 7198c798-9e2d-4e7f-98a8-e2c15bf1aba5@visar-systems.com>
In-reply-to: <[🔎] 86fr9xul4z.fsf@simplex.rtf.org.uk>
References: <[🔎] 86fr9xul4z.fsf@simplex.rtf.org.uk>

I had not seen that thread, no! Lots of useful information in there thatI think we can easily carry forward.

I have tried shh with some success, but I found it was easier to doservices by hand once I got a feel for it. Could be useful for morein-depth hardening, though, like syscalls.

I'm glad to see there's already a release goal wiki for this, and as faras I can tell this might "just" be a matter of reviving that with a bitmore structure to it.

Putting the horse slightly before the cart here, but developing alintian inspection for it like mentioned in the thread definitely soundsworthwhile.


--
Jarl Gullberg
CEO & CTO
Visar Systems AB


+46 73 644 96 64
jarl.gullberg@visar-systems.com
https://visar-systems.com

Reply to:

References:
- Re: Systemd service hardening project
  - From: Richard Lewis <richard.lewis.debian@googlemail.com>

Prev by Date: Re: Systemd service hardening project
Next by Date: Re: Systemd service hardening project
Previous by thread: Re: Systemd service hardening project
Next by thread: Re: Systemd service hardening project
Index(es):
- Date
- Thread