Use PrivateDevices instead of DeviceAllow

See 13805
2025-02-23 14:40:51 +01:00 · 2014-11-28 12:36:17 -05:00 · 2014-11-28 12:36:17 -05:00 · 1ac3b74405
commit 1ac3b74405
parent 11b652acb3
1 changed files with 1 additions and 2 deletions
--- a/contrib/dist/tor.service.in
+++ b/contrib/dist/tor.service.in
@ -16,8 +16,7 @@ LimitNOFILE = 32768

 # Hardening
 PrivateTmp = yes
-DeviceAllow = /dev/null rw
-DeviceAllow = /dev/urandom r
+PrivateDevices = yes
 InaccessibleDirectories = /home
 ReadOnlyDirectories = /
 ReadWriteDirectories = @LOCALSTATEDIR@/lib/tor