HANA OS Security Guide: Incorporate review fixes from SUSE/doc-sle#1010

SUSE · Nov 15, 2021 · d27bff5 · d27bff5
1 parent 9b1f52b
commit d27bff5
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/adoc/OS_Security_Hardening_Guide_for_SAP_HANA_SLES12.adoc b/adoc/OS_Security_Hardening_Guide_for_SAP_HANA_SLES12.adoc
@@ -661,11 +661,11 @@ Impact::
 Priority:: High
 
 
-Changing Home Directory Permissions From 775 to 700
+Changing Home Directory Permissions From 755 to 700
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 Description::
-By default, home directories of users are accessible (read, execute) by any other user in the system. 
-As this is a potential security leak, home directories should only be accessible by their owner.
+By default, home directories of users are accessible (read, execute) by all other users on the system.
+As this is a potential information leak, home directories should only be accessible by their owners.
 SAP HANA system users ('<sid>adm') have their home directories in the directories `/usr/sap/<sid>/home/`. 
 As this directory structure is in the domain of SAP, we do not describe any changes here.
 
@@ -1284,4 +1284,4 @@ This chapter lists content changes for this document since its first release.
 include::common_sbp_legal_notice.adoc[]
 
 // Standard SUSE Best Practices includes
-include::common_gfdl1.2_i.adoc[]
+include::common_gfdl1.2_i.adoc[]
diff --git a/adoc/OS_Security_Hardening_Guide_for_SAP_HANA_SLES15.adoc b/adoc/OS_Security_Hardening_Guide_for_SAP_HANA_SLES15.adoc
@@ -646,10 +646,10 @@ Priority::
 High
 
 
-Changing Home Directory Permissions from 775 to 700
+Changing Home Directory Permissions from 755 to 700
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 Description::
-By default, home directories of users are accessible (read, execute) by any other user in the system. As this is a potential security leak, home directories should only be accessible by their owners.
+By default, home directories of users are accessible (read, execute) by all other users on the system. As this is a potential information leak, home directories should only be accessible by their owners.
 SAP HANA system users ('<sid>adm') have their home directories in the directories `/usr/sap/<sid>/home/`. As this directory structure is located in the domain of SAP, we do not describe any changes here.
 
 Procedure::