Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#42657 - [redis] Add security to redis.service
Attached to Project:
Community Packages
Opened by Tobias Hunger (hunger) - Sunday, 02 November 2014, 12:16 GMT
Last edited by Sergej Pupykin (sergej) - Thursday, 26 February 2015, 14:56 GMT
Opened by Tobias Hunger (hunger) - Sunday, 02 November 2014, 12:16 GMT
Last edited by Sergej Pupykin (sergej) - Thursday, 26 February 2015, 14:56 GMT
|
DetailsDescription:
The redis.service file makes no use whatsoever of the systemd security features. The following settings could be added to harden the redis installation: Group=redis CapabilityBoundingSet= PrivateTmp=true PrivateDevices=true ProtectSystem=full ProtectHome=true NoNewPrivileges=true RuntimeDirectory=redis RuntimeDirectoryMode=700 Additional info: * 2.8.17-1 Steps to reproduce: * Install redis * check /usr/lib/systemd/system/redis.service |
This task depends upon
Closed by Sergej Pupykin (sergej)
Thursday, 26 February 2015, 14:56 GMT
Reason for closing: Fixed
Additional comments about closing: in svn/trunk only
Thursday, 26 February 2015, 14:56 GMT
Reason for closing: Fixed
Additional comments about closing: in svn/trunk only