From owner-freebsd-doc@FreeBSD.ORG Sat Feb 5 20:00:25 2005 Return-Path: Delivered-To: freebsd-doc@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 034C816A4CE for ; Sat, 5 Feb 2005 20:00:25 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id BB0B743D45 for ; Sat, 5 Feb 2005 20:00:24 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id j15K0O5k019789 for ; Sat, 5 Feb 2005 20:00:24 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.1/8.13.1/Submit) id j15K0OXR019785; Sat, 5 Feb 2005 20:00:24 GMT (envelope-from gnats) Resent-Date: Sat, 5 Feb 2005 20:00:24 GMT Resent-Message-Id: <200502052000.j15K0OXR019785@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-doc@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Siebrand Mazeland Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9298716A4CE for ; Sat, 5 Feb 2005 19:52:18 +0000 (GMT) Received: from nfishbone.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5DC3843D48 for ; Sat, 5 Feb 2005 19:52:17 +0000 (GMT) (envelope-from siebrand@nitro.dk) Received: by nfishbone.nitro.dk (Postfix, from userid 1026) id 04A0B61C35; Sat, 5 Feb 2005 20:52:16 +0100 (CET) Message-Id: <20050205195216.04A0B61C35@nfishbone.nitro.dk> Date: Sat, 5 Feb 2005 20:52:16 +0100 (CET) From: Siebrand Mazeland To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Subject: docs/77148: [PATCH] Minor text fixes on Handbook chapter MAC X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Siebrand Mazeland List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Feb 2005 20:00:25 -0000 >Number: 77148 >Category: docs >Synopsis: [PATCH] Minor text fixes on Handbook chapter MAC >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Sat Feb 05 20:00:24 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Siebrand Mazeland >Release: FreeBSD 5.3-RELEASE-p4 i386 >Organization: >Environment: System: FreeBSD nfishbone.nitro.dk 5.3-RELEASE-p4 FreeBSD 5.3-RELEASE-p4 #1: Sun Jan 16 03:35:01 CET 2005 simon@nfishbone.nitro.dk:/usr/obj/usr/src/sys/FISHBONE i386 >Description: Translating the MAC chapter, I've come acrossing some tiny spelling errors. Please find patch attached. >How-To-Repeat: >Fix: Index: en_US.ISO8859-1/books/handbook/mac/chapter.sgml =================================================================== RCS file: /home/ncvs/doc/en_US.ISO8859-1/books/handbook/mac/chapter.sgml,v retrieving revision 1.38 diff -u -r1.38 chapter.sgml --- en_US.ISO8859-1/books/handbook/mac/chapter.sgml 12 Jan 2005 01:55:04 -0000 1.38 +++ en_US.ISO8859-1/books/handbook/mac/chapter.sgml 5 Feb 2005 19:35:13 -0000 @@ -303,7 +303,7 @@ files by setting certain objects as classified? In the file system case, access to objects might be - considered confidential to some users but not to others. + considered confidential to some users, but not to others. For an example, a large development team might be broken off into smaller groups of individuals. Developers in project A might not be permitted to access objects written @@ -372,7 +372,7 @@ with a value of low. A few policies which support the labeling feature in - &os; offers three specific predefined labels. These + &os; offer three specific predefined labels. These are the low, high, and equal labels. Although they enforce access control in a different manner with each policy, you can be sure that the low label will be the lowest setting, @@ -385,7 +385,7 @@ used on objects. This will enforce one set of access permissions across the entire system and in many environments may be all that is required. There are a few - cases; however, where multiple labels may be set on objects + cases, however, where multiple labels may be set on objects or subjects in the file system. For those cases, the option may be passed to &man.tunefs.8;. @@ -406,7 +406,7 @@ configures the policy so that users are placed in the appropriate categories/access levels. Alas, many policies can restrict the root user as well. Basic - control over objects will then be released to the group but + control over objects will then be released to the group, but root may revoke or modify the settings at any time. This is the hierarchal/clearance model covered by policies such as Biba and MLS. @@ -1565,7 +1565,7 @@ The biba/high label will permit - writing to objects set at a lower label but not + writing to objects set at a lower label, but not permit reading that object. It is recommended that this label be placed on objects that affect the integrity of the entire system. @@ -1653,7 +1653,7 @@ The MAC version of the Low-watermark integrity policy, not to be confused with the older &man.lomac.4; - implementation, works almost identically to Biba but with the + implementation, works almost identically to Biba, but with the exception of using floating labels to support subject demotion via an auxiliary grade compartment. This secondary compartment takes the form of [auxgrade]. >Release-Note: >Audit-Trail: >Unformatted: