Security(7) nits
--8t9RHnE3ZwKMSgU+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Here are a few grammar nits I fixed.
Jonathon McKitrick
--
My other computer is your Windows box.
--8t9RHnE3ZwKMSgU+
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="patch2.diff"
Index: security.7
===================================================================
RCS file: /home/dcvs/src/share/man/man7/security.7,v
retrieving revision 1.4
diff -u -r1.4 security.7
--- security.7 28 Jun 2004 02:57:10 -0000 1.4
+++ security.7 13 Feb 2005 19:59:55 -0000
@@ -256,7 +256,7 @@
.Pp
There are a number of other servers that typically do not run in sandboxes:
sendmail, popper, imapd, ftpd, and others. There are alternatives to
-some of these, but installing them may require more work then you are willing
+some of these, but installing them may require more work than you are willing
to put
(the convenience factor strikes again).
You may have to run these
@@ -307,7 +307,7 @@
required, but still a very good solution compared to a crypted password
file.
.Sh SECURING THE PASSWORD FILE
-The only sure fire way is to *-out as many passwords as you can and
+The only sure-fire way is to *-out as many passwords as you can and
use ssh or kerberos for access to those accounts. Even though the
crypted password file
.Pq Pa /etc/spwd.db
@@ -462,8 +462,8 @@
continuing basis through a secure machine monitoring the consoles.
.Sh PARANOIA
A little paranoia never hurts. As a rule, a sysadmin can add any number
-of security features as long as they do not effect convenience, and
-can add security features that do effect convenience with some added
+of security features as long as they do not affect convenience, and
+can add security features that do affect convenience with some added
thought. Even more importantly, a security administrator should mix it up
a bit - if you use recommendations such as those given by this manual
page verbatim, you give away your methodologies to the prospective
@@ -482,7 +482,7 @@
Kernel Route Cache
.El
.Pp
-A common DOS attack is against a forking server that attempts to cause the
+A common D.O.S. attack is against a forking server that attempts to cause the
server to eat processes, file descriptors, and memory until the machine
dies. Inetd
(see
@@ -570,7 +570,7 @@
(except for certain specific
internet-accessible ports, of course).
.Pp
-Another common DOS attack is called a springboard attack - to attack a server
+Another common D.O.S. attack is called a springboard attack - to attack a server
in a manner that causes the server to generate responses which then overload
the server, the local network, or some other machine. The most common attack
of this nature is the ICMP PING BROADCAST attack. The attacker spoofs ping
--8t9RHnE3ZwKMSgU+--
討論串 (同標題文章)