diff --git a/collabore-tunnel.service b/collabore-tunnel.service
index 0c28037..ce41eba 100644
--- a/collabore-tunnel.service
+++ b/collabore-tunnel.service
@@ -34,6 +34,7 @@ PrivateDevices=true
 ProtectControlGroups=true
 ProtectKernelModules=true
 ProtectKernelTunables=true
+ProtectKernelLogs=true
 ReadWritePaths=
 # network
@@ -54,7 +55,7 @@ ProtectClock=true
 ProtectProc=invisible
 # capabilities
-RestrictNamespaces=uts ipc pid cgroup
+RestrictNamespaces=yes
 CapabilityBoundingSet=CAP_NET_BIND_SERVICE
 AmbientCapabilities=
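Review bot: In the second hunk, `RestrictNamespaces=yes` spells the boolean differently from the neighbouring directives visible in this patch (`ProtectClock=true`, `ProtectKernelLogs=true`); `RestrictNamespaces=true` would keep the unit consistent. The line also deserves a comment, because the list form of this directive is an allow-list: the old value `uts ipc pid cgroup` permitted exactly those four namespace types rather than blocking them, which is easy to misread. Something like `# deny all namespace creation/switching (a list here would be an allow-list; prefix with ~ to invert)` above it records why the boolean form is used. Whether the service needs any namespace type cannot be determined from this hunk, so this assumes it does not.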