source: postlfs/security/security.xml@ 1ea79a1

10.0 10.1 11.0 6.0 6.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 ken/refactor-virt krejzi/svn lazarus nosym perl-modules qt5new systemd-11177 systemd-13485 trunk upgradedb v5_1 xry111/git-date xry111/git-date-for-trunk xry111/git-date-test
Last change on this file since 1ea79a1 was 1ea79a1, checked in by Bruce Dubbs <bdubbs@…>, 18 years ago

Typos and punctuation

git-svn-id: svn:// af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 1.3 KB
[f45b1953]1<chapter id="postlfs-security">
[bae6e15]2<?dbhtml filename="security.html"?>
[e1d7dec]5<para>Security takes many forms in a computing environment. This chapter
[419dd50]6gives examples of three different types of security: access, prevention
[cf7ae162]7and detection.</para>
9<para>Access for users is usually handled by <command>login</command> or an
10application designed to handle the login function. In this chapter, we show
11how to enhance <command>login</command> by setting policies with
[e1d7dec]12<application><acronym>PAM</acronym></application> modules. Access via networks
[cf7ae162]13can also be secured by policies set by <application>iptables</application>,
14commonly referred to as a firewall.</para>
16<para>Prevention of breaches, like a trojan, are assisted by applications like
[419dd50]17<application>GnuPG</application>, specifically the ability to confirm signed
[1ea79a1]18packages, which recognizes modifications of the <acronym>TAR</acronym> ball after
[5e18c49c]19the packager creates it.</para>
21<para> Finally, we touch on detection with a package that stores "signatures"
22of critical files (defined by the administrator) and then regenerates those
[e1d7dec]23"signatures" and compares for files that have been changed.</para>
Note: See TracBrowser for help on using the repository browser.