diff options
| author | Benedict Reuschling <bcr@FreeBSD.org> | 2025-08-28 15:51:38 +0000 |
|---|---|---|
| committer | Benedict Reuschling <bcr@FreeBSD.org> | 2025-08-29 08:30:14 +0000 |
| commit | 63d63c114e8992e455b8f2390f95bdc8c6a92282 (patch) | |
| tree | 1c2ee66bc70421f09380f943c34439952a102c38 | |
| parent | ddec620a4f26057a86e335ff8273bba2ca247299 (diff) | |
Avoid the use of "you" in the security chapter
Rewrite sentences that contain 'you', which should be avoided according
to the FDP Primer. The resulting sentences are easier to understand and
often shorter. I did not change programlistings and other output as
these are from programs, which need to be changed first (out of scope of
this change).
Event: Oslo Hackathon 2025
Reviewed by: carlavilla
Differential Revision: https://reviews.freebsd.org/D52217
| -rw-r--r-- | documentation/content/en/books/handbook/security/_index.adoc | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/documentation/content/en/books/handbook/security/_index.adoc b/documentation/content/en/books/handbook/security/_index.adoc index 53be6040d1..f2dc051b6a 100644 --- a/documentation/content/en/books/handbook/security/_index.adoc +++ b/documentation/content/en/books/handbook/security/_index.adoc @@ -256,7 +256,7 @@ Enter new password: If a password that does not match the policy is entered, it will be rejected with a warning and the user will have an opportunity to try again, up to the configured number of retries. -If your organization's policy requires passwords to expire, FreeBSD supports the `passwordtime` in the user's login class in [.filename]#/etc/login.conf# +If the organization's policy requires passwords to expire, FreeBSD supports the `passwordtime` in the user's login class in [.filename]#/etc/login.conf# The `default` login class contains an example: @@ -580,7 +580,7 @@ All devices may be read or written subject to their permissions. 1:: *Secure mode* - the system immutable and system append-only flags may not be turned off; disks for mounted file systems, [.filename]#/dev/mem# and [.filename]#/dev/kmem# may not be opened for writing; -[.filename]#/dev/io# (if your platform has it) may not be opened at all; kernel modules (see man:kld[4]) may not be loaded or unloaded. +[.filename]#/dev/io# (if the platform has it) may not be opened at all; kernel modules (see man:kld[4]) may not be loaded or unloaded. The kernel debugger may not be entered using the debug.kdb.enter sysctl. A panic or trap cannot be forced using the debug.kdb.panic, debug.kdb.panic_str and other sysctl's. @@ -1888,7 +1888,7 @@ Additionally, always exercise caution when editing system configuration files, e === Enabling and Configuring Resource Limits The man:rctl[8] system provides a more fine-grained way to set and manage resource limits for individual processes and users. -It allows you to dynamically assign resource limits to specific processes or users, regardless of their user class. +It allows dynamically assigning resource limits to specific processes or users, regardless of their user class. The first step to use man:rctl[8] will be to enable it adding the following line to [.filename]#/boot/loader.conf# and reboot the system: |