ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-09-21 04:28:40 +03:00
Code Issues Projects Releases Wiki Activity

Merge pull request #122452 from ju1m/tor

Browse Source
This commit is contained in:
Sandro 2021-11-09 21:50:57 +01:00 committed by GitHub
commit e5ac2e1a52
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/services/security/tor.nix
View File

@ -1012,6 +1012,7 @@ in
# Tor cannot currently bind privileged port when PrivateUsers=true,
# see https://gitlab.torproject.org/legacy/trac/-/issues/20930
PrivateUsers = !bindsPrivilegedPort;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
@ -1019,6 +1020,7 @@ in
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" "AF_NETLINK" ];