18 lines
399 B
Plaintext
18 lines
399 B
Plaintext
[Service]
|
|
LimitNOFILE=100000
|
|
ProtectSystem=strict
|
|
PrivateTmp=true
|
|
NoNewPrivileges=true
|
|
PrivateDevices=true
|
|
ProtectKernelTunables=true
|
|
ProtectKernelModules=true
|
|
ProtectControlGroups=true
|
|
LockPersonality=true
|
|
MemoryDenyWriteExecute=true
|
|
SystemCallArchitectures=native
|
|
BindPaths=/run/dovecot/
|
|
BindPaths=/var/run/dovecot/
|
|
BindPaths=/var/lib/dovecot/
|
|
InaccessiblePaths=/var/www/
|
|
InaccessiblePaths=/root/
|