This is a demonstration about the power of systemd. From the latest releases, systemd implemented some interesting features. These features regard security, in particular the sandboxing. The file simplehttp.service provides some of these directives made available by systemd. The images show, step-by-step, how to harden the service using specific directives and check them with provided systemd tools.

Was this post helpful?