From eb9abac0c83ec5fdf16aa907f5f653eb3804b359 Mon Sep 17 00:00:00 2001 From: "jake%bugzilla.org" <> Date: Sat, 4 Dec 2004 06:56:31 +0000 Subject: Correct some minor typos in the security chapter. --- docs/xml/security.xml | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) (limited to 'docs/xml') diff --git a/docs/xml/security.xml b/docs/xml/security.xml index de859e6b5..790750d98 100644 --- a/docs/xml/security.xml +++ b/docs/xml/security.xml @@ -1,5 +1,5 @@ - + Bugzilla Security @@ -32,7 +32,7 @@ audit your server and make sure that you aren't listening on any ports you don't need to be. It's also highly recommended that the server Bugzilla resides on, along with any other machines you administer, be - placed behind some kinda of firewall. + placed behind some kind of firewall. @@ -40,7 +40,7 @@
System User Accounts - Many daemon, such + Many daemons, such as Apache's httpd or MySQL's mysqld, run as either root or nobody. This is even worse on Windows machines where the @@ -51,7 +51,7 @@ not be so obvious. Basically, if you run every daemon as nobody and one of them gets comprimised it can comprimise every other daemon running as nobody on your - machine. For this reason it is recommended that you create a user + machine. For this reason, it is recommended that you create a user account for each daemon. @@ -187,7 +187,7 @@ skip-networking Bugzilla is currently layed out, the list of what should and should not be accessible is rather complicated. A new installation method is currently in the works which should solve this by allowing files that - shouldn't be accessible from the web to be placed in directory outside + shouldn't be accessible from the web to be placed in a directory outside the webroot. See bug 44659 for more information. @@ -318,7 +318,8 @@ skip-networking To test, simply point your web browser at the file; for example, to test mozilla.org's installation, we'd try to access . You should get - a 403 Forbidden error. + a 403 Forbidden + error. @@ -372,18 +373,21 @@ skip-networking Due to internationalization concerns, we are unable to incorporate by default the code changes suggested by - the CERT advisory on this issue. + url="http://www.cert.org/tech_tips/malicious_code_mitigation.html#3">the + CERT advisory on this issue. If your installation is for an English speaking audience only, making the - change below will prevent this problem. + change in will prevent + this problem. - Simply locate the following line in - Bugzilla/CGI.pm: - $self->charset(''); - and change it to: - $self->charset('ISO-8859-1'); - + + Locate the following line in + Bugzilla/CGI.pm: + $self->charset(''); + and change it to: + $self->charset('ISO-8859-1'); + +
@@ -409,3 +413,4 @@ sgml-parent-document:("Bugzilla-Guide.xml" "book" "chapter") sgml-shorttag:t sgml-tag-region-if-active:t End: --> + -- cgit v1.2.3-24-g4f1b