diff options
author | jake%bugzilla.org <> | 2004-12-04 07:56:31 +0100 |
---|---|---|
committer | jake%bugzilla.org <> | 2004-12-04 07:56:31 +0100 |
commit | eb9abac0c83ec5fdf16aa907f5f653eb3804b359 (patch) | |
tree | 463e186e0004050b3cf81f4c7ac3d8c1a381358b | |
parent | fe81b42398131b3dc62c320ddd07789cb5545357 (diff) | |
download | bugzilla-eb9abac0c83ec5fdf16aa907f5f653eb3804b359.tar.gz bugzilla-eb9abac0c83ec5fdf16aa907f5f653eb3804b359.tar.xz |
Correct some minor typos in the security chapter.
-rw-r--r-- | docs/xml/security.xml | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/docs/xml/security.xml b/docs/xml/security.xml index de859e6b5..790750d98 100644 --- a/docs/xml/security.xml +++ b/docs/xml/security.xml @@ -1,5 +1,5 @@ <!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> --> -<!-- $Id: security.xml,v 1.1 2004/12/02 04:21:27 jake%bugzilla.org Exp $ --> +<!-- $Id: security.xml,v 1.2 2004/12/03 22:56:31 jake%bugzilla.org Exp $ --> <chapter id="security"> <title>Bugzilla Security</title> @@ -32,7 +32,7 @@ audit your server and make sure that you aren't listening on any ports you don't need to be. It's also highly recommended that the server Bugzilla resides on, along with any other machines you administer, be - placed behind some kinda of firewall. + placed behind some kind of firewall. </para> </section> @@ -40,7 +40,7 @@ <section id="security-os-accounts"> <title>System User Accounts</title> - <para>Many <glossterm linkend="gloss-daemon">daemon</glossterm>, such + <para>Many <glossterm linkend="gloss-daemon">daemons</glossterm>, such as Apache's <filename>httpd</filename> or MySQL's <filename>mysqld</filename>, run as either <quote>root</quote> or <quote>nobody</quote>. This is even worse on Windows machines where the @@ -51,7 +51,7 @@ not be so obvious. Basically, if you run every daemon as <quote>nobody</quote> and one of them gets comprimised it can comprimise every other daemon running as <quote>nobody</quote> on your - machine. For this reason it is recommended that you create a user + machine. For this reason, it is recommended that you create a user account for each daemon. </para> @@ -187,7 +187,7 @@ skip-networking Bugzilla is currently layed out, the list of what should and should not be accessible is rather complicated. A new installation method is currently in the works which should solve this by allowing files that - shouldn't be accessible from the web to be placed in directory outside + shouldn't be accessible from the web to be placed in a directory outside the webroot. See <ulink url="http://bugzilla.mozilla.org/show_bug.cgi?id=44659">bug 44659</ulink> for more information. @@ -318,7 +318,8 @@ skip-networking To test, simply point your web browser at the file; for example, to test mozilla.org's installation, we'd try to access <ulink url="http://bugzilla.mozilla.org/localconfig"/>. You should get - a <errorcode>403</errorcode> <errorname>Forbidden</errorname> error. + a <quote><errorcode>403</errorcode> <errorname>Forbidden</errorname></quote> + error. </para> <tip> @@ -372,18 +373,21 @@ skip-networking Due to internationalization concerns, we are unable to incorporate by default the code changes suggested by <ulink - url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3"> - the CERT advisory</ulink> on this issue. + url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3">the + CERT advisory</ulink> on this issue. If your installation is for an English speaking audience only, making the - change below will prevent this problem. + change in <xref linkend="security-bugzilla-charset-ex"/> will prevent + this problem. </para> - <para>Simply locate the following line in - <filename>Bugzilla/CGI.pm</filename>: - <programlisting>$self->charset('');</programlisting> - and change it to: - <programlisting>$self->charset('ISO-8859-1');</programlisting> - </para> + <example id="security-bugzilla-charset-ex"> + <para>Locate the following line in + <filename>Bugzilla/CGI.pm</filename>: + <programlisting>$self->charset('');</programlisting> + and change it to: + <programlisting>$self->charset('ISO-8859-1');</programlisting> + </para> + </example> </section> </section> @@ -409,3 +413,4 @@ sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") sgml-shorttag:t sgml-tag-region-if-active:t End: --> + |