Overview

File harden_wacom-inputattach@.service.patch of Package xf86-input-wacom

Index: xf86-input-wacom-0.40.0/conf/wacom-inputattach@.service.in
===================================================================
--- xf86-input-wacom-0.40.0.orig/conf/wacom-inputattach@.service.in
+++ xf86-input-wacom-0.40.0/conf/wacom-inputattach@.service.in
@@ -2,6 +2,17 @@
 Description=inputattach for Wacom ISDv4-compatible serial devices
 
 [Service]
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectSystem=full
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+RestrictRealtime=true
+# end of automatic additions 
 Type=simple
 ExecStart=__BIN_PREFIX__/isdv4-serial-inputattach /dev/%I
 Restart=on-success
openSUSE Build Service is sponsored by
Places