security-general.dita@ 105293

Last change on this file since 105293 was 105134, checked in by vboxsync, 7 months ago

Docs: bugref:10705. This is a merge commit to introduce doc team's changes in the user manual dita files. The following files
are excluded from this process:

Files whose names satrt with "viso", "vboxmanage", "man_", "vboximg", "vboxheadless", or "user_isomakercmd-man".

And general notes about this merge are as follows:

For now I leave glossentry-*dita file as they are since we use different enclosing dita elements
in hdimagewrites.dita we have <note type="attention"> while doc team's copy has <note type="caution">. Not sure if this is significant.

For now I copy doc team's version over.

I have not modified our UserManual.ditamap file. This will be done in a follow up commit.

The list of commits we have merged are as follows:

r3392: 7.1 new features; add comments to some DITA topics
r3730: VBP-283: Update supported platforms; 7.0 and 7.1
r3980: 7.1: reset menu option; add note
r3992: ARM hosts; add draft topic on limitations; add container topic for ARM-based subtopics
r3993: ARM create new VM wizard: add some dummy topics
r4014: ER 34784410 DOCUMENT THE VIRTUAL MACHINE TASKBAR ICONS: port topic and icon graphics from 7.0 tree
r4026: VBP-378: status bar icons; remove any mention of task bar; ported from 7.0
r4034: Cloning a cloud VM; add draft topic
r4035: Cloning a cloud VM;typo
r4036: Cloning a cloud VM;add xref from intro topic
r4050: Reset operation; add instructions
r4051: Amend comment
r4052: Ditaval markup for images
r4056: Add ditaval markup for images
r4057: Add ditaval markup for images
r4058: Add ditaval markup for images
r4073: UI experience level: add dummy topic
r4075: Subtype: option for VM settings General tab and Create VM wizard
r4094: Cloud VM reset; add to relnotes
r4095: Reset VM; use main Machine menu, rather than right-click menu
r4099: ARM hosts; draft revisions to cover different wizard screens
r4134: Cloud VMs: file manager menu option; add comment
r4214: Settings page, Motherboard tab: Chipset option for Arm VMs; add note
r4306: Terminology checker: clear up Errors; Installation chapter
r4307: Terminology checker: clear up Errors; Config settings/GA chapters
r4308: Terminology checker: clear up Errors; Storage, networking, remote VM chapters
r4311: Terminology checker: clear up Errors: various
r4324: Prefences and settings; potential areas for change in 7.1
r4356: r160214: Monitoring cloud VM performance; add new topic
r4358: r160214: Monitoring cloud VM performance; add new topic
r4364: r160214: Monitoring cloud VM performance; redraft topic
r4374: Experience levels; update user manual topic
r4377: Experience levels; Preferences window: add note re. availability of all possible settings
r4378: Experience levels; Preferences window: add note re. availability of all possible settingsLp
r4379: Typos and add remark re. Global menu changes
r4387: Preferences, Display: some settings introduced post-7.0: font scaling and extended features
r4388: Performance monitoring: add cloud VM instances to intro para
r4389: Experience levels: selecting a level, add graphic of icon
r4391: Resource monitoring; add CLI example to show CPU usage for a cloud instance
r4395: Experience levels; apply to menu items only
r4398: Experience levels; add notes
r4401: Experience levels; remove pics of global tools menu/machine tools menu; number of menu items can vary
r4402: Experience levels; remove image files for global tools menu/machine tools menu
r4525: Experience levels: minor redraft
r4528: Typo
r4538: Experience levels: selected level applies throughout VirtualBox Manager GUI
r4543: GUI topics; add notes for required changes
r4544: VISO Creator changes
r4563: r160714: unattended guest install example; now has user-password option
r4569: Terminology: front end, not front-end
r4570: Arm wizard screens; remove, as Create VM Wizard will be very similar regardless of architecture
r4571: Arm wizard screens; remove, as Create VM Wizard will be very similar regardless of architecture
r4623: Cloud VM monitoring: Compute Instance Monitoring plugin must be enabled; add note
r4625: CPU activity icon; update, now has solid bar
r4626: GUI changes; various, from Serkan; includes new pic for soft keyboard
r4629: separate mode: add some draft topics, will need to get technical review at a later stage
r4634: GUI; various notes and updates
r4655: Typo
r4703: Arm host platform limitations; redraft and add topic to host OS section
r4724: VISO creator; add notes re. ISO import
r4725: Separate mode: edits
r4863: r161176; Python 2.x no longer supported for API
r4899: Arm host support: limitations
r4910: Create VM wizard: settings may vary x86 vs. Arm hosts
r4911: Guest OS support; add note re. supported aarch64 OSes
r4973: r161445: Remove mention of parallel port support
r5004: Cloud VM monitoring: detailed data graphs and Activity Overview
r5038: Cloud VM monitoring: export to file
r5214: r161947: Solaris non-Global zone configuration
r5215: r161947: Solaris non-Global zone configuration; typo
r5230: Glossary: fix title for I/O APIC topic
r5341: Experience levels; can be selected from welcome screen in VirtualBox Manager; need replacement pic
r5345: Experience levels; add note on Welcome screen option
r5346: Arm host limitations; unavailable System settings
r5434: r162377: shared folders; symlinks behaviour
r5565: Cloud VM list in VirtualBox Manager; show mixed VM types; screenshot from Klaus
r5627: Obfuscate UUID data in screen shot
r5628: Delete legacy cloudvm pic; use mixed VMs example
r5654: Clean up comments in source files; redraft VM activity section
r5672: 7.1 changes; add comments
r5683: 7.1 changes; add comments for Arm topics
r5687: 7.1 changes; GUI; add comments
r5703: Oracle notices; include up to date versions in preface-* topics for User Guide
r5707: r162904: Windows install directory requirements; redraft
r5781: updated GNU version from 2 to 3 as per r163272
r5812: started removal of screenshots and updating tasks VBP-807
r5818: Further updates to creating a VM VBP-807
r5822: Restructured topics and made task based VBP-807
r5824: Removed files during restructure VBP-807
r5834: Fixed formatting of note and caution VBP-807
r5836: Updated supported host OS list VBP-825
r5837: updated USB topics for VBP-823
r5842: changes as per legal request re supported guests VBP-843
r5853: Updated versions following review. VBP-825

Property svn:eol-style set to native
Property svn:keywords set to Id Revision

File size: 2.8 KB

Line
1	<?xml version='1.0' encoding='UTF-8'?>
2	<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
3	<topic xml:lang="en-us" id="security-general">
4	<title>General Security Principles</title>
5
6	<body>
7	<p>
8	The following principles are fundamental to using any application
9	securely.
10	</p>
11	<ul>
12	<li>
13	<p><b outputclass="bold">Keep software up-to-date</b>. One of the principles of good
14	security practise is to keep all software versions and patches up-to-date. Activate the
15	<ph conkeyref="vbox-conkeyref-phrases/product-name"/> update notification to get
16	notified when a new <ph conkeyref="vbox-conkeyref-phrases/product-name"/> release is
17	available. When updating <ph conkeyref="vbox-conkeyref-phrases/product-name"/>, do not
18	forget to update the Guest Additions. Keep the host operating system as well as the guest
19	operating system up-to-date. </p>
20	</li>
21	<li>
22	<p><b outputclass="bold">Restrict network access to critical
23	services.</b> Use proper means, for instance a
24	firewall, to protect your computer and your guests from
25	accesses from the outside. Choosing the proper networking mode
26	for VMs helps to separate host networking from the guest and
27	vice versa.
28	</p>
29	</li>
30	<li>
31	<p><b outputclass="bold">Follow the principle of least
32	privilege.</b> The principle of least privilege states
33	that users should be given the least amount of privilege
34	necessary to perform their jobs. Always execute <ph conkeyref="vbox-conkeyref-phrases/product-name"/>
35	as a regular user. We strongly discourage anyone from
36	executing <ph conkeyref="vbox-conkeyref-phrases/product-name"/> with system privileges.
37	</p>
38	<p>
39	Choose restrictive permissions when creating configuration
40	files, for instance when creating /etc/default/virtualbox, see
41	<xref href="linux_install_opts.dita">Automatic Installation Options</xref>. Mode 0600 is preferred.
42	</p>
43	</li>
44	<li>
45	<p><b outputclass="bold">Monitor system activity.</b>
46	System security builds on three pillars: good security
47	protocols, proper system configuration and system monitoring.
48	Auditing and reviewing audit records address the third
49	requirement. Each component within a system has some degree of
50	monitoring capability. Follow audit advice in this document
51	and regularly monitor audit records.
52	</p>
53	</li>
54	<li>
55	<p><b outputclass="bold">Keep up-to-date on latest security information.</b> Oracle
56	continually improves its software and documentation. Check this note yearly for revisions. </p>
57	</li>
58	</ul>
59	</body>
60
61	</topic>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format