Red Hat Bugzilla – Bug 74693
mistake in "BIOS and Boot Loader Security"
Last modified: 2007-04-18 12:46:56 EDT
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1) Gecko/20020827 Description of problem: Chapter 4. Workstation Security, BIOS and Boot Loader Security, at the bottom: > Warning > > The /etc/lilo.conf file is world-readable. If you are password > protecting LILO, it essential that you only allow root to read and > edit the file since all passwords are in plain text. To do this, > type the following command as root: > > chmod 600 /boot/grub/grub.conf Should read chmod 600 /etc/lilo.conf of course. The advanced user will know this, though. Version-Release number of selected component (if applicable): rhl-sg(EN)-8.0-HTML-RHI (2002-08-30T11:29-0400)
I will be issuing an errata on this shortly. Thanks you so much for catching that -- not sure how that slipped through :-( Johnray
I could not find this error on any of the current Docs. I know it at one time existed, but the printed version is correct as is the HTML and PDF on the Web site. If you find a link to this error, let me know and I'll fix it. As it satnds, I am closing this bug as it is corrected already. Thank you so much for your help! Johnray
For sake of tracking bugs, please do me a favour and don't close it as NOTABUG, but as FIXED or something like that. It *is* a bug in exactly the version I have specified in the bug report. That is the version of the documentation that ships with Psyche on the Documentation CD. Wonder why the intro to each guide asks the user to report that version number? If the bug got fixed meanwhile with online updates, it got fixed. But that doesn't make this NOTABUG.
Btw, the following page contains the version of the docs with this bug: http://www.europe.redhat.com/documentation/rhl8.0/rhl-sg-en-8.0/s1-wstation-boot-sec.php3
And another one: When you fix bugs/typos like this, please consider updating the manual's version identifier. Here's a fixed version of the guide with an unchanged manual intentifier: http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/security-guide/s1-intro-more-to-come.html#S2-INTRO-FEEDBACK
Okay, closing as "errata," since there is no "fixed." I did not know you were referring to the Docs-CD version of the docs. The issue was fixed in the printed and online versions, but the CD is made before that. I will send your comments to the team and see if we can correct the versioning sitution. Thanks for your help. J
One final note, current policy is to change bookdate if there is major, such as rewriting or removing a section. We are discussing ways to clarify the Bug posting Text so that it is more clear. J
Oops, so much for proof reading in the previous post... By major, I meant major changes. Sorry, J