systemd-analyze security produces a list of systemd services which are assessed to be OK, MEDIUM, EXPOSED or UNSAFE.
systemd-analyze [OPTIONS…] COMMAND …
Profile systemd, show unit dependencies, check unit files.
security [UNIT…] Analyze security of unit
I wonder what it means for a service to be exposed or unsafe.
What does it entail for overall security of the system? And are there measures to be taken to make those services secure?