Skip to content

Instantly share code, notes, and snippets.

@nfn
nfn / systemd_service_hardening.md
Created August 4, 2022 20:06 — forked from ageis/systemd_service_hardening.md
Options for hardening systemd service units

security and hardening options for systemd service units

A common and reliable pattern in service unit files is thus:

NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
@nfn
nfn / bottle_flash2.py
Last active June 20, 2021 21:08 — forked from jhargis/bottle_flash2.py
bottle-flash2 - Fixed up abandoned bottle-flash[https://pypi.python.org/pypi/bottle-flash/]. Made api ver 2 ready. Plugin enables flash messages in bottle similar to django and flask.
from bottle import request, response, PluginError
class FlashMsgPlugin(object):
"""Usage:
from bottle import Bottle, route, run, redirect, template
from bottle_flash2 import FlashMsgPlugin
app = Bottle()
COOKIE_SECRET = 'your_secret_key'
app.install(FlashMsgPlugin(secret=COOKIE_SECRET))

Keybase proof

I hereby claim:

  • I am nfn on github.
  • I am neves (https://keybase.io/neves) on keybase.
  • I have a public key whose fingerprint is C255 E09A 0971 4BCC CDFC 94E9 86E2 320C E5A0 BE9A

To claim this, I am signing this object: