Index: memcached-1.6.9/scripts/memcached.service
===================================================================
--- memcached-1.6.9.orig/scripts/memcached.service
+++ memcached-1.6.9/scripts/memcached.service
@@ -41,6 +41,13 @@ CapabilityBoundingSet=CAP_SETGID CAP_SET
 # Restricts the set of socket address families accessible to the processes
 # of this unit. Protects against vulnerabilities such as CVE-2016-8655
 RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+# added automatically, for details please see
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
+ProtectHome=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelLogs=true
+# end of automatic additions 
 
 
 # Some security features are not in the older versions of systemd used by