t8m
commented
4 months ago Hmm, do all these settings affect child processes of crond? Namely the executed cron jobs? In many cases these have high potential of breaking existing users cron jobs and are not really a good idea.
As part of https://fedoraproject.org/wiki/Changes/SystemdSecurityHardening which has been approved for Fedora 40, I am working on updating Systemd services to add additional hardening settings, please review this PR and let me know if you have any feedback.
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html has detailed information on each of these settings including the version of Systemd where they were introduced.