Changeset cf7ae162 for postlfs/security/security.xml

Timestamp:

09/21/2003 07:11:48 PM (20 years ago)

Author:

Larry Lawrence <larry@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 6.0, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, ken/inkscape-core-mods, krejzi/svn, lazarus, nosym, perl-modules, plabs/python-mods, qt5new, systemd-11177, systemd-13485, trunk, upgradedb, v5_0, v5_0-pre1, v5_1, v5_1-pre1, xry111/intltool, xry111/soup3, xry111/test-20220226

Children:

7c6fa631

Parents:

2a7d0fc9

Message:

update to lcms-1.11

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@1150 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:

• postlfs/security/security.xml (modified) (2 diffs)

postlfs/security/security.xml

@@ -5 +5 @@
 <para>Security takes many forms in a computing environment. This chapter
 gives examples of three different types of security; access, prevention
-and detection.  Access for users is usually handled by
-<command>login</command> or an application designed to handle the login
-function.  In this chapter, we show how to enhance
-<command>login</command> by setting policies with
+and detection.</para>
+
+<para>Access for users is usually handled by <command>login</command> or an 
+application designed to handle the login function.  In this chapter, we show 
+how to enhance <command>login</command> by setting policies with
 <application><acronym>PAM</acronym></application> modules.  Access via networks
-can also be secured by policies set by
-<application>iptables</application>. Prevention of breaches, like
-trojans, are assisted by applications like <application>gnupg</application>, 
-specifically the ability to confirm signed packages, which prevents 
-modification of the tarball after the packager creates it. Finally, we touch on 
-detection with a package that stores "signatures" and then regenerates those
+can also be secured by policies set by <application>iptables</application>, 
+commonly referred to as a firewall.</para>
+
+<para>Prevention of breaches, like a trojan, are assisted by applications like 
+<application>gnupg</application>, specifically the ability to confirm signed 
+packages, which prevents modification of the tarball after the packager creates 
+it.</para>
+
+<para> Finally, we touch on detection with a package that stores "signatures" 
+of critical files (defined by the administrator) and then regenerates those 
 "signatures" and compares for files that have been changed.</para>
 
@@ -24 +29 @@
 &gnupg;
 &tripwire;
-&postlfs-security-syslog;
+<!--&postlfs-security-syslog;-->
 
 </chapter>