install-guide fedora-install-guide-firewallconfig-en.xml,1.5,1.6
Paul W. Frields (pfrields)
fedora-docs-commits at redhat.com
Sat May 14 22:35:29 UTC 2005
Author: pfrields
Update of /cvs/docs/install-guide
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28222
Modified Files:
fedora-install-guide-firewallconfig-en.xml
Log Message:
1. A few style edits - best first-draft work yet!
2. Reminder: the GUI main menu now has both user preferences and
system settings under a "Desktop" menu
Index: fedora-install-guide-firewallconfig-en.xml
===================================================================
RCS file: /cvs/docs/install-guide/fedora-install-guide-firewallconfig-en.xml,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- fedora-install-guide-firewallconfig-en.xml 12 May 2005 23:55:57 -0000 1.5
+++ fedora-install-guide-firewallconfig-en.xml 14 May 2005 22:35:27 -0000 1.6
@@ -1,66 +1,66 @@
<!-- $Id: -->
-<chapter id="ch-firewallconfig">
- <title>Firewall Configuration</title>
+<chapter id="ch-security-config">
+ <title>Security Configuration</title>
<para>
- The default security configuration for &FC; will protect your system
+ The default security configuration for &FC; protects your system
without restricting any of the functions of a desktop or laptop
- computer. If you are installing a server then you will need to
- alter these settings in order to enable others to access the system.
+ computer. If you are installing a server, you may need to alter
+ these settings so others can access the system.
</para>
+ <figure id="fig-firewall">
+ <title>Security Configuration Screen</title>
+ <mediaobject>
+ <imageobject>
+ <imagedata fileref="./figs/firewall.eps" format="EPS"/>
+ </imageobject>
+ <imageobject>
+ <imagedata fileref="./figs/firewall.png" format="PNG"/>
+ </imageobject>
+ <textobject>
+ <para>
+ Security configuration screen.
+ </para>
+ </textobject>
+ </mediaobject>
+ </figure>
+
<para>
- Click <guibutton>Next</guibutton> to proceed after you have reviewed
- the security configuration and made any necessary changes.
+ Select <guibutton>Next</guibutton> to proceed after you review the
+ security configuration and make any necessary changes.
</para>
-
- <sect1 id="s1-firewall-settings">
+ <section id="sn-firewall-settings">
<title>Firewall</title>
<para>
- The firewall built into Linux checks every incoming and outgoing
- network connection between your machine and another against a set
- of rules. These rules specify which types of connections are
- permitted and which are denied.
+ The <indexterm>
+ <primary>firewall</primary>
+ </indexterm> <firstterm>firewall</firstterm> built into &FC;
+ checks every incoming and outgoing network connection on your
+ machine against a set of rules. These rules specify which types of
+ connections are permitted and which are denied.
</para>
<para>
By default the firewall is enabled, with a simple set of rules
that allow connections to be made from your system to others, but
- block incoming connections from other systems. You can then
- choose to allow access to specific network services on your &FC;
- system.
+ block incoming connections from other systems. By making changes
+ on this screen, you can allow access to specific network services
+ on your &FED; system.
</para>
<para>
To enable access to services listed on this screen, click the
- checkbox next to the name of the service. After the installation
- is complete you can enable access to other services as well.
+ checkbox next to the service name. After installation is
+ complete, you can enable access to other services as well.
</para>
-
- <figure id="fig-firewall">
- <title>Firewall Configuration Screen</title>
- <mediaobject>
- <imageobject>
- <imagedata fileref="./figs/firewall.eps" format="EPS"/>
- </imageobject>
- <imageobject>
- <imagedata fileref="./figs/firewall.png" format="PNG"/>
- </imageobject>
- <textobject>
- <para>
- Firewall configuration screen.
- </para>
- </textobject>
- </mediaobject>
- </figure>
-
<para>
- Avoid disabling the firewall. If you believe that it is necessary
- to do so, then select <guilabel>No firewall</guilabel>.
+ Avoid disabling the firewall. If you believe it is necessary to
+ do so, however, select <guilabel>No firewall</guilabel>.
</para>
<tip>
@@ -68,51 +68,62 @@
<para>
To change these settings later, use the
<application>system-config-securitylevel</application> utility.
- From the main menu, choose <menuchoice><guimenu>System
- Settings</guimenu><guimenuitem>Security Level and
- Firewall</guimenuitem></menuchoice>.
+ From the main menu, choose <menuchoice>
+ <guimenu>Desktop</guimenu>
+ <guisubmenu>System Settings</guisubmenu><guimenuitem>Security
+ Level and Firewall</guimenuitem></menuchoice>.
</para>
</tip>
- </sect1>
+ </section>
- <sect1 id="s1-selinux">
+ <section id="sn-selinux">
<title>&SEL;</title>
<para>
- The &SEL; (Security Enhanced Linux) framework that is part of &FC;
- limits the actions of both users and programs by enforcing defined
- security policies throughout the operating system. Software bugs
- or configuration changes can render a system vulnerable, and the
- restrictions imposed by the &SEL; policies provide an extra line
- of defense.
+ The <indexterm>
+ <primary>&SEL;</primary>
+ </indexterm> <firstterm>&SEL;</firstterm> (Security Enhanced
+ Linux) framework is part of &FC;. &SEL; limits the actions of both
+ users and programs by enforcing security policies throughout the
+ operating system. Without &SEL; software bugs or configuration
+ changes can render a system more vulnerable. The restrictions
+ imposed by &SEL; policies provide an extra line of defense.
</para>
<para>
- An inflexible set of &SEL; policies could also inhibit many normal
- activities. For this reason &FC; uses targeted policies, which
- only affect specific network services. These services cannot
- perform actions that are not part of their normal functions. This
- means that &SEL; can be <guilabel>Active</guilabel> without
- causing users any inconvenience.
+ Inflexible &SEL; policies might inhibit many normal activities on
+ a &FED; system. For this reason, &FC; uses targeted policies,
+ which only affect specific network services. These services
+ cannot perform actions that are not part of their normal
+ functions. This means that &SEL; can be active without causing
+ users any inconvenience.
+ </para>
+ <para>
+ To use the targeted &SEL; policy on your &FED; system, set the
+ &SEL; mode to <guilabel>Active</guilabel>. This is the default
+ mode for &FED; installations.
</para>
<para>
- As &SEL; is a new technology, a diagnostic mode is provided. If
- you set &SEL; to <guilabel>Warn</guilabel> then the system is
- configured, but any breach of security policies will merely cause
- an error message to appear. No activities are actually prohibited
- when &SEL; is installed in this mode. You can make &SEL; fully
- active at a later time.
+ Because &SEL; is a new technology, a diagnostic mode is provided.
+ If you set &SEL; to <guilabel>Warn</guilabel>, the system is
+ configured, but any breach of security policies only causes an
+ error message to appear. No activities are actually prohibited
+ when &SEL; is installed in this mode. You may change the &SEL;
+ mode to active at any time after booting.
</para>
<para>
- If you choose to have &SEL; <guilabel>Disabled</guilabel> then the
- access control system will not be configured at all. To make
- &SEL; active later you should use the
- <application>system-config-securitylevel</application> utility.
+ If you choose the <guilabel>Disabled</guilabel> mode for &SEL;,
+ &FED; does not configure the access control system at all. To
+ make &SEL; active later, from the main menu, select <menuchoice>
+ <guimenu>Desktop</guimenu>
+ <guisubmenu>System Settings</guisubmenu>
+ <guimenuitem>Security Level and Firewall</guimenuitem>
+ </menuchoice>.
</para>
<tip>
@@ -121,13 +132,18 @@
&SEL; is unique in that it cannot be bypassed, even by the
system administrators. You can configure the behavior of &SEL;
with the <application>system-config-securitylevel</application>
- utility. From the main menu, choose <menuchoice><guimenu>System
- Settings</guimenu><guimenuitem>Security Level and
- Firewall</guimenuitem></menuchoice>.
+ utility. From the main menu, choose <menuchoice>
+ <guimenu>Desktop</guimenu>
+ <guisubmenu>System Settings</guisubmenu>
+ <guimenuitem>Security Level and Firewall</guimenuitem>
+ </menuchoice>.
</para>
</tip>
- </sect1>
+ </section>
+
+
+
</chapter>
<!--
More information about the Fedora-docs-commits
mailing list