HI! I appreciate that pdns/recursordist/pdns-recursor.service.in already contains some of systemd's hardening options. But I wonder why CAP_CHOWN is set in CapabilityBoundingSet= and AmbientCapabilities= and I could not find a reason in the git history of that file. It seems to run without that capability. Ciao, Michael.