Re: Please review text for security warning

To: debian-l10n-english@lists.debian.org
Cc: Ryan Tandy <ryan@nardis.ca>
Subject: Re: Please review text for security warning
From: Justin B Rye <justin.byam.rye@gmail.com>
Date: Tue, 21 Oct 2014 03:56:48 +0100
Message-id: <[🔎] 20141021025648.GA17698@xibalba.demon.co.uk>
Mail-followup-to: debian-l10n-english@lists.debian.org, Ryan Tandy <ryan@nardis.ca>
In-reply-to: <[🔎] 54456C03.3050707@nardis.ca>
References: <[🔎] 54306DA9.80706@nardis.ca> <[🔎] 20141004232650.GA15861@xibalba.demon.co.uk> <[🔎] 54456C03.3050707@nardis.ca>

Ryan Tandy wrote:
> Template: slapd/backend
> Type: select
> Choices: BDB, HDB, MDB
> Default: MDB
> _Description: Database backend to use:
>  HDB and BDB use similar storage formats, but HDB adds support for
>  subtree renames. Both support the same configuration options.
>  .
>  The MDB backend is recommended. MDB uses a new storage format and
>  requires less configuration than BDB or HDB.
>  .
>  In any case, you should review the resulting database configuration for
>  your needs. See /usr/share/doc/slapd/README.Debian.gz for more details.

Ah, changed recommendation.  Yes, still makes sense.

> Template: slapd/unsafe_selfwrite_acl
> Type: note
> #flag:comment:3
> # Translators: keep "by self write" and "to *" unchanged. These are
> # part of the slapd configuration and are not translatable.
> _Description: Access rules permit self-modification by users
>  One or more of the configured databases has an access control rule
>  that allows users to modify most of their own attributes. This may be
>  unsafe, depending on how the database is used.
>  .
>  It is recommended to remove "by self write" from access rules
>  beginning with "to *", so that users are only able to modify
>  specifically allowed attributes.
>  .
>  See /usr/share/doc/slapd/README.Debian.gz for more details.

Is anyone likely to misread "self-modification by users" as meaning
"getting my ears pierced", or is that the kind of thing that only
occurs to pedants?

I might suggest adding the word "slapd" or "slapd.conf" in the first
couple of lines, though there is a good clue at the end.

Non-native speakers can find "integrated" relative clauses ("rules
beginning with") hard to follow, so I would suggest saying "rules that
begin with" instead.  You might even rearrange it as

   In the case of slapd access rules that begin with "to *", it is
   recommended to remove any instances of "by self write", so that
   users are only able to modify specifically allowed attributes.

-- 
JBR	with qualifications in linguistics, experience as a Debian
	sysadmin, and probably no clue about this particular package

Reply to:

Follow-Ups:
- Re: Please review text for security warning
  - From: Ryan Tandy <ryan@nardis.ca>

References:
- Please review text for security warning
  - From: Ryan Tandy <ryan@nardis.ca>
- Re: Please review text for security warning
  - From: Justin B Rye <justin.byam.rye@gmail.com>
- Re: Please review text for security warning
  - From: Ryan Tandy <ryan@nardis.ca>

Prev by Date: Re: Please review text for security warning
Next by Date: Re: Please review text for security warning
Previous by thread: Re: Please review text for security warning
Next by thread: Re: Please review text for security warning
Index(es):
- Date
- Thread