[docteam-commits] [Branch ~ubuntu-core-doc/ubuntu-doc/ubuntu-hardy] Rev 3654: Patch by Gilbert Mendoza.

Phil Bull philbull at gmail.com
Mon Jan 21 20:24:06 UTC 2008

Hi guys,

Just noticed a couple of minor typos on this commit.

On Mon, 2008-01-21 at 17:39 +0000, noreply at launchpad.net wrote:
> ------------------------------------------------------------
> revno: 3654
> committer: Adam Sommer <asommer70 at gmail.com>
> branch nick: ubuntu-hardy
> timestamp: Mon 2008-01-21 12:38:35 -0500
> message:
>   Patch by Gilbert Mendoza.
> modified:
>   generic/server/C/security.xml
> +             The following is an example of how you can change an
> explicit expiration  date (-E) to 01/31/2008, minimum passsword age
> (-m) of 5 days, maximum password  age (-M) of 90 days, inactivity
> period (-I) of 5 days after password expiration, and a warning time
> period (-W) of 14 days before password expiration.

Note the typo "passsword", and the lack of an apostrophe (') for
the word "accounts". It might be best to avoid using words requiring an
apostrophe anyway, as I understand that it can make translations more

> +     As with any other security barrier you put in place to protect
> server, it is pretty tough to defend against untold damage caused by
> someone with physical access to your environment.  e.g. Theft of hard
> drives, power or service disruption, etc.  Therefore, console security
> should be addressed merely as one component of your overall physical
> security strategy.  A locked "screen door" may deter a casual
> criminal, or at the very least slow down a determined one, so it is
> still advisable to perform basic precautions with regard to console
> security.

"environment.  e.g. Theft of hard drives, power or service disruption,
etc." => "environment, for example, theft of hard drives, power or
service disruption and so on."

(This one is a nitpick.)

> +     The following sections will limit a persons ability to perform
> fairly simple attacks against your server that could yield very
> serious consequences.

"persons" => "person's"

> +             To disable the reboot action taken by pressing the Ctrl
> key combination, comment out the following line in the file
> <emphasis>/etc/event.d/control-alt-delete</emphasis>.

Should probably use the "filename" tag here instead of "emphasis", and
should mark up C-A-D with the keycombo tag (nitpick).

> +     Therefore, it is important to control who may edit the grub menu
> items to, <emphasis>(a)</emphasis> pass kernel options at boot up, and
> <emphasis>(b)</emphasis> boot the server into single user mode.  You
> can do this by simply adding a password to grubs configuration file
> <emphasis>/boot/grub/menu.lst</emphasis>, which will be required to
> unlock grubs more advanced features prior to use.

May be preferable to use an itemizedlist for the "(a)" and "(b)" bits
(nitpick). Also, "grubs" => "grub's" (two instances) and use
filename instead of emphasis.

> +             Add the resulting hash value to
> <emphasis>/etc/grub/menu.lst</emphasis> in the following format:

emphasis => filename

> +             To require the use of the password for entering single
user mode,
> change the <emphasis>"lockalterntive"</emphasis> value in
> <emphasis>/boot/grub/menu.lst</emphasis> to
> <emphasis>"true"</emphasis>.

"lockalterntive" => "lockalternative"

As I said, very minor stuff and a few nitpicks, but thought I'd best
report them since I'd noticed them.



Phil Bull

More information about the ubuntu-doc mailing list