A common and reliable pattern in service unit files is thus:
NoNewPrivileges=yes
PrivateTmp=yes
PrivateDevices=yes
DevicePolicy=closed
ProtectSystem=strict
Nuno nfn
nfn
/ systemd_service_hardening.md
Created
August 4, 2022 20:06
— forked from ageis/systemd_service_hardening.md
Options for hardening systemd service units
nfn
/ bottle_flash2.py
Last active
June 20, 2021 21:08
— forked from jhargis/bottle_flash2.py
bottle-flash2 - Fixed up abandoned bottle-flash[https://pypi.python.org/pypi/bottle-flash/]. Made api ver 2 ready. Plugin enables flash messages in bottle similar to django and flask.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from bottle import request, response, PluginError | |
| class FlashMsgPlugin(object): | |
| """Usage: | |
| from bottle import Bottle, route, run, redirect, template | |
| from bottle_flash2 import FlashMsgPlugin | |
| app = Bottle() | |
| COOKIE_SECRET = 'your_secret_key' | |
| app.install(FlashMsgPlugin(secret=COOKIE_SECRET)) |
nfn
/ keybase.md
Created
May 21, 2015 10:46
I hereby claim:
- I am nfn on github.
- I am neves (https://keybase.io/neves) on keybase.
- I have a public key whose fingerprint is C255 E09A 0971 4BCC CDFC 94E9 86E2 320C E5A0 BE9A
To claim this, I am signing this object: