From e4c93fb04c24119c40676de01ab08c9346e08a8f Mon Sep 17 00:00:00 2001
From: alyaeanyx <alexandra.hollmeier@mailbox.org>
Date: Sun, 10 Apr 2022 14:19:22 +0200
Subject: [PATCH] nixos/openconnect: add hardening flags

---
 nixos/modules/services/networking/openconnect.nix | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nixos/modules/services/networking/openconnect.nix b/nixos/modules/services/networking/openconnect.nix
index 7b2ef48e1c42..de4b505130eb 100644
--- a/nixos/modules/services/networking/openconnect.nix
+++ b/nixos/modules/services/networking/openconnect.nix
@@ -103,6 +103,8 @@ let
           generateConfig name icfg
         } ${icfg.gateway}";
       StandardInput = "file:${icfg.passwordFile}";
+
+      ProtectHome = true;
     };
   };
 in {