[securityguide] Cleaned up a few lines

Eric Christensen sparks at fedoraproject.org
Fri Jun 27 13:23:33 UTC 2014 

commit 1c563092e88619ee7cbc857be52ec8c289ea21ed
Author: Eric H Christensen <sparks at redhat.com>
Date:   Fri Jun 27 09:21:37 2014 -0400

    Cleaned up a few lines

 en-US/Basic_Hardening.xml |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/en-US/Basic_Hardening.xml b/en-US/Basic_Hardening.xml
index cbcc833..2562fa8 100644
--- a/en-US/Basic_Hardening.xml
+++ b/en-US/Basic_Hardening.xml
@@ -10,12 +10,12 @@
 	<section id="sect-Security_Guide-Basic_Hardening-General_Principles">
 		<title>General Principles</title> 
 			<para><simplelist>
-				<member>Encrypt all data transmitted over the network.  Encrypting authentication information (such as passwords) is particularly important.</member>
+				<member>Encrypt all data transmitted over the network.  Encrypting authentication information, such as passwords and cookies, is particularly important.</member>
 				<member>Minimize the amount of software installed and running in order to minimize vulnerability.</member>
 				<member>Use security-enhancing software and tools whenever available (e.g. SELinux and IPTables).</member>
 				<member>Run each network service on a separate server whenever possible.  This minimizes the risk that a compromise of one service could lead to a compromise of others.</member>
 				<member>Maintain user accounts.  Create a good password policy and enforce its use.  Delete unused user accounts.</member>
-				<member>Review system and application logs on a routine basis.  Send logs to a dedicated log server.  This prevents intruders from easily avoiding detection by modifying the local logs.</member>
+				<member>Review system and application logs on a routine basis.  Send logs to a dedicated, centralized log server.  This prevents intruders from easily avoiding detection by modifying the local logs.</member>
 				<member>Never log in directly as root, unless absolutely necessary.  Administrators should use <command>sudo</command> to execute commands as root when required.  The accounts capable of using sudo are specified in <filename>/etc/sudoers</filename>, which is edited with the visudo utility.  By default, relevant logs are written to <filename>/var/log/secure</filename>.</member>
 			</simplelist></para>
 	</section>

More information about the docs-commits mailing list