Procfs

ProtectKernelTunables setting

Restrict systemd units to access information from the kernel tunables in the /proc and /sys directories with the unit setting ProtectKernelTunables.

ProcSubset setting

Harden system and user services by restricting systemd units to access information from the /proc directory with the unit setting ProcSubset.

ProtectProc setting

Harden system and user services by restricting systemd units to access information from the /proc directory with the unit setting ProtectProc.