mirror of
https://github.com/flatcar/scripts.git
synced 2025-08-22 06:51:26 +02:00
coreos-base/oem-vmware: enable PrivateTmp for vmtoolsd
It would have mitigated CVE-2015-5191 and might again be useful in the future.
This commit is contained in:
parent
276aa5dfbe
commit
40cedc85f6
@ -7,6 +7,7 @@ ConditionVirtualization=vmware
|
|||||||
ExecStartPre=/usr/bin/ln -sfT /usr/share/oem/vmware-tools /etc/vmware-tools
|
ExecStartPre=/usr/bin/ln -sfT /usr/share/oem/vmware-tools /etc/vmware-tools
|
||||||
ExecStart=/usr/share/oem/bin/vmtoolsd
|
ExecStart=/usr/share/oem/bin/vmtoolsd
|
||||||
TimeoutStopSec=5
|
TimeoutStopSec=5
|
||||||
|
PrivateTmp=true
|
||||||
|
|
||||||
[Install]
|
[Install]
|
||||||
WantedBy=multi-user.target
|
WantedBy=multi-user.target
|
||||||
|
Loading…
x
Reference in New Issue
Block a user