diff --git a/conf/systemd.service b/conf/systemd.service index 442545c..38c6c70 100644 --- a/conf/systemd.service +++ b/conf/systemd.service @@ -17,8 +17,7 @@ Restart=always NoNewPrivileges=yes PrivateTmp=yes PrivateDevices=yes -#RestrictAddressFamilies disabled, prevents any write access on the app -#RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 AF_NETLINK RestrictNamespaces=yes RestrictRealtime=yes DevicePolicy=closed