hey,
How do you harden linux services?
When you run the command:
systemd-analyze security
This will tell you which services you can secure better in your linux system setup.
I have noticed that a lot of services are “unsafe”.
For instance: lightdm.service is regarded as unsafe on my system.
You can check it too if you have this service by running:
systemd-analyze security lightdm.service
A lot of services seem to be unsafe, how can I make them safe(r)?
https://askubuntu.com/questions/1182494/how-to-address-results-of-systemd-analyze-security
there are other resources to find out what that status means and how to address it (if needed).
You can see the complete analysis by issuing systemd-analyze security <service>. From there, you need to judge if identified exposures are relevant or necessary in order to decide if they can be mitigated without compromising the service’s functioning. See man systemd-analyze for more info.