Commit 0251dd6e authored by T(A)ILS developers's avatar T(A)ILS developers
Browse files

Design draft: rephrase.

parent b34b56b5
...@@ -353,8 +353,8 @@ compiler level stuff is necessary for utilizing the kernel security ...@@ -353,8 +353,8 @@ compiler level stuff is necessary for utilizing the kernel security
features. Thus the implementation of this feature might depend on the features. Thus the implementation of this feature might depend on the
vendor distribution used to build the PELD upon. If it hasn't been vendor distribution used to build the PELD upon. If it hasn't been
widely deployed at this level, their implementation might require a lot widely deployed at this level, their implementation might require a lot
of time for the PELD developers and impact its ease of maintenance, of time from the PELD developers and impact its ease of maintenance,
which would make it harder for new contributors to involve in the which would make it harder for new contributors to get involved in the
project. For this reasons, implementation of this feature should be project. For this reasons, implementation of this feature should be
carefully balanced between its costs and the extra security it brings. carefully balanced between its costs and the extra security it brings.
...@@ -696,18 +696,17 @@ support is disabled, to avoid the usage of such a privacy flawed and ...@@ -696,18 +696,17 @@ support is disabled, to avoid the usage of such a privacy flawed and
buggy plugin. The Off-the-record plugin is enabled to help one to one buggy plugin. The Off-the-record plugin is enabled to help one to one
conversations being as private and unrecordable as possible. A script conversations being as private and unrecordable as possible. A script
generates at each boot a random nick to be used on the preconfigured IRC generates at each boot a random nick to be used on the preconfigured IRC
servers, by picking up a firstname from the 2000 most registered by the servers, by randomly picking up a firstname from the 2000 most registered by the
U.S. social security administration in the 70s and appending it a random U.S. social security administration in the 70s and appending it a random
number between 0 and 100. number between 0 and 100.
### 3.5.12 Host system swap ### 3.5.12 Host system swap
By various hooks in the build process, T(A)ILS try to take care not to T(A)ILS takes care not to use any swap filesystem that might exist on
use any swap filesystem that might exist on the host machine hard drive. the host machine hard drive. Most of this is done at build time: not
The /sbin/swapon binary is replaced by a fake script and the init script only the `/sbin/swapon` binary is replaced by a fake no-op script, but
responsible of mounting swap at boot included in the upstream debian the init script responsible for mounting swap at boot (provided by
live-boot sources is removed. The swapon option at boot time is also live-boot) is removed. Also, live-boot's `swapon` option is not set.
desactivated.
- [[!tails_gitweb config/chroot_local-hooks/03-noswap]] - [[!tails_gitweb config/chroot_local-hooks/03-noswap]]
- [[!tails_gitweb config/chroot_local-hooks/05-disable_swapon]] - [[!tails_gitweb config/chroot_local-hooks/05-disable_swapon]]
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment