From 4e92b1c818a1d04149dccb61e615c6c5ea022dcb Mon Sep 17 00:00:00 2001
From: Erik Arvstedt <erik.arvstedt@gmail.com>
Date: Tue, 7 Apr 2020 23:04:59 +0200
Subject: [PATCH] remove redundant hardening options

These are already defined in nix-bitcoin-services.defaultHardening.
---
 modules/bitcoind.nix | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/modules/bitcoind.nix b/modules/bitcoind.nix
index a1305e2..e89d63c 100644
--- a/modules/bitcoind.nix
+++ b/modules/bitcoind.nix
@@ -282,13 +282,6 @@ in {
         ExecStart = "${cfg.package}/bin/bitcoind -datadir='${cfg.dataDir}'";
         Restart = "on-failure";
 
-        # Hardening measures
-        PrivateTmp = "true";
-        ProtectSystem = "full";
-        NoNewPrivileges = "true";
-        PrivateDevices = "true";
-        MemoryDenyWriteExecute = "true";
-
         # Permission for preStart
         PermissionsStartOnly = "true";
       } // nix-bitcoin-services.defaultHardening