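# Systemd sandboxing for nix-daemon.
#
# Read every directive here as a restriction on *builds*, not only on the
# daemon: seccomp filters, the capability bounding set, the private mount
# namespace and the device policy are all inherited by the build processes
# nix-daemon forks, so a build that needs something filtered below fails.
#
# The block is gated on `config.specialisation != { }`. NixOS resets
# `specialisation` to `{ }` inside each specialisation, so in practice the
# hardening lands in the parent configuration only and every specialisation
# boots with a stock nix-daemon — presumably intended as a fallback for when
# a build breaks under these restrictions (the original author's reason is
# not recorded; confirm before relying on it).
{ lib, config, ... }:

{
  config.systemd.services = lib.mkIf (config.specialisation != { }) {
    nix-daemon.serviceConfig = {
      # ---- process / kernel interface ----------------------------------

      # No writable+executable mappings. Inherited by builds, so anything
      # that JITs at build or test time (JVM, V8/Node, LuaJIT, .NET, QEMU in
      # TCG mode when /dev/kvm is unavailable) may fail under this.
      MemoryDenyWriteExecute = true;
      NoNewPrivileges = true;
      # Host syscall ABI only. On x86_64 this also rejects the 32-bit (x86)
      # ABI, so an `extra-platforms = i686-linux` setup would need
      # "native x86" here and LockPersonality relaxed (see below).
      SystemCallArchitectures = "native";
      # Denies chmod/mknod that would create setuid/setgid files. Nothing
      # legitimate should need it: Nix normalises file modes when it
      # registers store paths and does not keep these bits, so this only
      # closes a window during the build itself.
      RestrictSUIDSGID = true;
      # Sockets needed for fixed-output downloads and substituters.
      # AF_NETLINK is deliberately absent, so builds that call getifaddrs()
      # or run iproute2 will get an error — add it if such builds matter.
      RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6";
      # The namespaces Nix's build sandbox unshares. If the experimental
      # cgroup-based sandboxing (`use-cgroups`) is enabled, "cgroup" must
      # be added as well.
      RestrictNamespaces = "user net uts mnt ipc pid";
      # Syscall allow-list: @mount/@privileged cover the sandbox setup
      # (bind mounts, pivot_root, setuid/setgid), @cpu-emulation covers
      # personality(). Groups not listed — e.g. @debug (ptrace), @raw-io —
      # are denied for builds too, which can break test suites.
      SystemCallFilter = "@system-service @cpu-emulation @mount @privileged";
      # Fail a filtered call with EPERM instead of systemd's default of
      # killing the process with SIGSYS: the build log then shows an errno
      # rather than an unexplained death, and programs with a fallback path
      # can take it. The call is denied either way.
      SystemCallErrorNumber = "EPERM";
      # Nix tries personality(ADDR_NO_RANDOMIZE) in the sandbox for build
      # determinism and ignores failure, so with this locked builds simply
      # run with ASLR on. PER_LINUX32 for i686-linux builds is *not*
      # optional in Nix and would fail — drop this if you build 32-bit.
      LockPersonality = true;
      ProtectControlGroups = true;
      # Answers the old TODO: module loading is done by the kernel/udev,
      # not by the process that opens /dev/kvm, so KVM is unaffected by
      # this. If /dev/kvm is missing, load the kvm module via
      # boot.kernelModules instead of relaxing this.
      ProtectKernelModules = true;
      PrivateMounts = true;
      # hidepid for /proc. CAP_SYS_PTRACE is not in the bounding set below,
      # so the daemon cannot see the nixbld build processes through /proc.
      # Nothing here appears to need that (the daemon's build cleanup kills
      # by uid, not via /proc) — re-check if a Nix upgrade starts reading
      # /proc/<pid> of builds.
      ProtectProc = "invisible";
      ProtectClock = true;

      # ---- file system -------------------------------------------------

      # With a private /tmp the `--keep-failed` build directories
      # (/tmp/nix-build-*) live under the unit's
      # /tmp/systemd-private-*-nix-daemon.service-*/tmp on the host and
      # vanish when the unit stops.
      PrivateTmp = true;
      # Whole hierarchy read-only except the API file systems; the store
      # and its state under /nix/var are the only writable trees.
      ProtectSystem = "strict";
      ReadWritePaths = "/nix";

      # ---- scheduling: builds are background work ----------------------

      # RLIMIT_NICE = 1 means a nice ceiling of 20 - 1 = 19, i.e. neither
      # the daemon nor its builds can raise priority above the Nice=19
      # set here.
      LimitNICE = 1;
      Nice = 19;
      RestrictRealtime = true;

      # ---- devices -----------------------------------------------------

      # Only pseudo-devices (/dev/null, zero, full, random, urandom, tty,
      # ptmx) plus the explicit allow-list below; anything else a build
      # touches (/dev/fuse, /dev/net/tun, ...) is denied.
      DevicePolicy = "closed";
      # KVM acceleration for VM tests. No access mode given, so systemd's
      # default (rwm) applies.
      DeviceAllow = "/dev/kvm";
      # One capability per entry (NixOS renders a list as repeated
      # directives, which systemd ORs together). The set is what the daemon
      # needs to run sandboxed builds: SETUID/SETGID to switch to the
      # nixbld users, CHOWN/FOWNER/DAC_OVERRIDE to take ownership of and
      # canonicalise build outputs, SYS_ADMIN for the sandbox's mount
      # namespace and bind mounts.
      CapabilityBoundingSet = [
        "CAP_CHOWN"
        "CAP_DAC_OVERRIDE"
        "CAP_FOWNER"
        "CAP_SETGID"
        "CAP_SETUID"
        "CAP_SYS_ADMIN"
      ];

      # Tried and found to break builds or the daemon; the exact failure
      # was not recorded, so re-test before enabling any of them. Likely
      # reasons: PrivateNetwork cuts off the downloads that
      # RestrictAddressFamilies exists to allow; PrivateUsers puts the
      # daemon in a user namespace where the nixbld uids are unmapped;
      # ProtectHostname filters the sethostname() the sandbox uses to set
      # its hostname to "localhost".
      # ProtectKernelLogs = true;
      # ProtectKernelTunables = true;
      # PrivateUsers = true;
      # ProtectHome = "read-only";
      # ProtectHostname = true;
      # PrivateNetwork = true;
    };
  };
}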