- systemd improves daemon security by creating an isolated tmp directory, however it breaks programs that are not yet aware and, in Kimchi particular case, all directories created under tmp are randomized, meaning that a possible attacker cannot easily guess which file/dir will be created beforehand. https://access.redhat.com/blogs/766093/posts/1976243 Signed-off-by: Jose Ricardo Ziviani <joserz@linux.vnet.ibm.com> --- contrib/kimchid.service.fedora | 2 +- contrib/kimchid.service.ubuntu | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/contrib/kimchid.service.fedora b/contrib/kimchid.service.fedora index cd8e137..d7b10d2 100644 --- a/contrib/kimchid.service.fedora +++ b/contrib/kimchid.service.fedora @@ -4,4 +4,4 @@ After=libvirtd.service wokd.service [Service] Nice=0 -PrivateTmp=yes +PrivateTmp=no diff --git a/contrib/kimchid.service.ubuntu b/contrib/kimchid.service.ubuntu index 1c7d63f..f865987 100644 --- a/contrib/kimchid.service.ubuntu +++ b/contrib/kimchid.service.ubuntu @@ -4,4 +4,4 @@ After=libvirt-bin.service wokd.service [Service] Nice=0 -PrivateTmp=yes +PrivateTmp=no -- 2.7.4