From: markt Date: Mon, 25 Oct 2010 13:55:54 +0000 (+0000) Subject: Fix numerous typos. X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=88f93ecffe5f4a11cf61bf29dcfb6ed421e0afba;p=tomcat7.0 Fix numerous typos. Patch provide by Luke Meyer. git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1027120 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml index 7856bbd3d..71362d989 100644 --- a/webapps/docs/security-howto.xml +++ b/webapps/docs/security-howto.xml @@ -33,7 +33,7 @@
-

Tomcat is configured to be reasonable secure for must use cases by +

Tomcat is configured to be reasonably secure for must use cases by default. Some environments may require more, or less, secure configurations. This page is to provide a single point of reference for configuration options that may impact security and to offer some commentary on the @@ -48,7 +48,7 @@

-

Tomcat configuration should not be the only line of defence. The other +

Tomcat configuration should not be the only line of defense. The other components in the system (operating system, network, database, etc.) should also be secured. For the operating system, consider limiting the privileges of the user under which Tomcat is running and limiting access to Tomcat's @@ -66,15 +66,15 @@

Enabling the security manager causes web applications to be run in a - sandbox, significantly limiting a web applications ability to perform + sandbox, significantly limiting a web application's ability to perform malicious actions such as calling System.exit(), establishing network connections or accessing the file system outside of the web application's root and temporary directories.

-

Tomcat is tested with the security manager enabled but the majority of - Tomcat users do not run with a security manager so Tomcat is not as well - tested in this configuration. There have been, and continue to be, bugs - reported that are triggered by running under a security manager.

+

Tomcat is tested with the security manager enabled; but the majority of + Tomcat users do not run with a security manager, so Tomcat is not as well + user-tested in this configuration. There have been, and continue to be, + bugs reported that are triggered by running under a security manager.

The restrictions imposed by a security manager are likely to break most applications if the security manager is enabled. The security manager should @@ -103,7 +103,7 @@

The APR Lifecycle Listener is not stable if compiled on Solaris using - gcc. It using the APR/native connector on Solaris, compile it with the + gcc. If using the APR/native connector on Solaris, compile it with the Sun Studio compiler.

@@ -127,7 +127,7 @@

The maxSavePostSize attribute controls the saving of POST requests during FORM and CLIENT-CERT authentication. The parameters - are cached for the duration of the authentication (that may be many + are cached for the duration of the authentication (which may be many minutes) so this is limited to 4KB by default to reduce exposure to a DOS attack.

@@ -147,10 +147,10 @@

The SSLEnabled, scheme and secure attributes may all be independently set. These are normally used when Tomcat is located behind a reverse proxy and the proxy - is connecting to Tomcat via http or https. They allow Tomcat to see the + is connecting to Tomcat via HTTP or HTTPS. They allow Tomcat to see the SSL attributes of the connections between the client and the proxy rather than the proxy and Tomcat. For example, the client may connect to the - proxy over https but the proxy connects to Tomcat using http. If it is + proxy over HTTPS but the proxy connects to Tomcat using HTTP. If it is necessary for Tomcat to be able to distinguish between secure and non-secure connections received by a proxy, the proxy must use separate connectors to pass secure and non-secure requests to Tomcat. If the @@ -205,8 +205,8 @@ behaviour, use the aliases attribute. Changing this setting from the default of false on case insensitive operating systems (this includes Windows) will disable a number of - security and allow, amongst other things, direct access to the WEB-INF - directory.

+ security measures and allow, among other things, direct access to the + WEB-INF directory.

@@ -215,15 +215,15 @@ per context as required.

Any administrative application should be protected by a - RemoteAddressValve. (Note that this Valve is also available as a Filter). + RemoteAddressValve. (Note that this Valve is also available as a Filter.) The allow attribute should be used to limit access to a set of known trusted hosts.

The default ErrorReportValve includes the Tomcat version number in the response sent to clients. To avoid this, custom error handling can be configured within each web application. Alternatively, the version number - can be changed by creating the following file in - CATALINA_HOME/lib/org/apache/catalina/util/ServerInfo.properties with the + can be changed by creating the file + CATALINA_HOME/lib/org/apache/catalina/util/ServerInfo.properties with content as follows:

server.info=Apache Tomcat/7.0.x @@ -242,7 +242,7 @@ server.info=Apache Tomcat/7.0.x

The MemoryRealm is not intended for production use as any changes to tomcat-users.xml require a restart of Tomcat to take effect.

-

The JDBCRealm is not recommended for production use as it single +

The JDBCRealm is not recommended for production use as it is single threaded for all authentication and authorization options. Use the DataSourceRealm instead.

@@ -253,7 +253,7 @@ server.info=Apache Tomcat/7.0.x mature as the other realms. Additional testing is recommended before using this realm.

-

By default, the realms not not implement any form of account lock-out. +

By default, the realms do not implement any form of account lock-out. This means that brute force attacks can be successful. To prevent a brute force attack, the chosen realm should be wrapped in a LockOutRealm.

 @@ -264,12 +264,12 @@ server.info=Apache Tomcat/7.0.x

The default entropy value has been shown to generate predictable values under certain conditions. For more secure session generation, this should be set to a long string. This is done automatically if the APR/native - library is installed, a random value will be obtained from APR.

+ library is installed; a random value will be obtained from the APR.

-

The class used to generate random session IDs may be changed by using +

The class used to generate random session IDs may be changed with the randomClass attribute.

-

The length of the session ID may be changed by using the +

The length of the session ID may be changed with the sessionIdLength attribute.

@@ -289,12 +289,12 @@ server.info=Apache Tomcat/7.0.x

The org.apache.catalina.connector.Response.ENFORCE_ENCODING_IN_GET_WRITER - has security implications if disabled. Many user agents, in - breach of RFC2616, try and guess the character encoding of text media - types when the specification mandated default of ISO-8859-1 should be - used. If the response contains characters that are safe for ISO-8859-1 - but trigger an XSS if interpreted as UTF-7, some browsers will use UTF-7 - and trigger an XSS vulnerability.

+ system property has security implications if disabled. Many user + agents, in breach of RFC2616, try to guess the character encoding of text + media types when the specification-mandated default of ISO-8859-1 should be + used. Some browsers will interpret as UTF-7 a response containing characters + that are safe for ISO-8859-1 but trigger an XSS vulnerability if interpreted + as UTF-7.