From 5d71f7bcd2f55a2b0de4f360a9d22df6b636b598 Mon Sep 17 00:00:00 2001
From: "barnboy%trilobyte.net" <>
Date: Wed, 25 Apr 2001 14:38:17 +0000
Subject: Fix for confusing language regarding protection of data/ & shadow/
 directories and localconfig file.

---
 docs/sgml/administration.sgml | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'docs/sgml')

diff --git a/docs/sgml/administration.sgml b/docs/sgml/administration.sgml
index c52cacebf..a35ba047d 100644
--- a/docs/sgml/administration.sgml
+++ b/docs/sgml/administration.sgml
@@ -1048,11 +1048,14 @@ operating parameters for bugzilla.</PARA>
 	</LISTITEM>
 	<LISTITEM>
 	  <PARA>
-	    Ensure you have adequate access controls for $BUGZILLA_HOME/data/, $BUGZILLA_HOME/localconfig,
-	    and $BUGZILLA_HOME/shadow directories.
+	    Ensure you have adequate access controls for the $BUGZILLA_HOME/data/ and
+	    $BUGZILLA_HOME/shadow/ directories, as well as the $BUGZILLA_HOME/localconfig file.
 	    The localconfig file stores your "bugs" user password,
 	    which would be terrible to have in the hands
-	    of a criminal.  Also some files under $BUGZILLA_HOME/data store sensitive information.
+	    of a criminal.  Also some files under $BUGZILLA_HOME/data/ store sensitive information, and
+	    $BUGZILLA_HOME/shadow/ stores bug information for faster retrieval.  If you fail to secure
+	    these directories and this file, you will expose bug information to those who may not
+	    be allowed to see it.
 	  </PARA>
 	  <PARA>
 	    On Apache, you can use .htaccess files to protect access to these directories, as outlined
-- 
cgit v1.2.3-24-g4f1b