diff options
Diffstat (limited to '')
-rw-r--r-- | debian/changelog | 3 | ||||
-rw-r--r-- | debian/sear.c.service | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index dd2f4f0..6251242 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,8 +2,9 @@ sear.c (0.0.20-1) stable; urgency=low * Added fallback option to another server via HTTP redirect in case of CAPTCHA. + * Enchanced systemd unit security by whitelisting /lib, /etc and /usr/bin. - -- Anton Luka Šijanec <anton@sijanec.eu> Tue, 31 Jan 2022 19:00:00 +0200 + -- Anton Luka Šijanec <anton@sijanec.eu> Tue, 31 Jan 2022 20:00:00 +0200 sear.c (0.0.19-1) stable; urgency=low diff --git a/debian/sear.c.service b/debian/sear.c.service index 4b3271b..b3b8b2b 100644 --- a/debian/sear.c.service +++ b/debian/sear.c.service @@ -3,9 +3,11 @@ Description=scrapes search results of popular engines, caches them and creates a After=network.target [Service] +TemporaryFileSystem=/:ro +BindReadOnlyPaths=/lib /etc /usr/bin +EnvironmentFile=-/etc/sear.c Type=simple DynamicUser=yes -RuntimeDirectory=sear.c ExecStart=/usr/bin/sear.c Restart=no |