Skip to content

Commit

Permalink
nixos/endlessh-go: set proper SystemCallFilter
Browse files Browse the repository at this point in the history
  • Loading branch information
@MidAutumnMoon @zowoq
MidAutumnMoon authored and zowoq committed Oct 24, 2022
1 parent db02962 commit 7415970
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion nixos/modules/services/security/endlessh-go.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@ in
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ];
SystemCallFilter = [ "@system-service" "~@privileged" ];
};
};

Expand Down

0 comments on commit 7415970

Please sign in to comment.