svn commit: r41650 - projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/disks

Tom Rhodes trhodes at FreeBSD.org
Fri May 17 20:08:12 UTC 2013 

Author: trhodes
Date: Fri May 17 20:08:11 2013
New Revision: 41650
URL: http://svnweb.freebsd.org/changeset/doc/41650

Log:
  Axe the "why encrypt swap" mini-section and migrate
  the useful stuff into the section introduction.
  Re-word some sentences and a section name.
  
  Reviewed by:	bcr (quick look)

Modified:
  projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/disks/chapter.xml

Modified: projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/disks/chapter.xml
==============================================================================
--- projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/disks/chapter.xml	Fri May 17 19:56:43 2013	(r41649)
+++ projects/ISBN_1-57176-407-0/en_US.ISO8859-1/books/handbook/disks/chapter.xml	Fri May 17 20:08:11 2013	(r41650)
@@ -3830,27 +3830,22 @@ geli_da2_flags="-p -k /root/da2.key"</pr
       <secondary>encrypting</secondary>
     </indexterm>
 
-    <para>Swap encryption in &os; is easy to configure.  Depending on
-      which version of &os; is being used, different options are
-      available and configuration can vary slightly.  The &man.gbde.8;
-      or &man.geli.8; encryption systems can be used for swap
-      encryption.  Both systems use the <filename>encswap</filename>
+    <para>Like the encryption of disk partitions, encryption of swap
+      space is used to protect sensitive information.  Consider an
+      application that deals with passwords.  As long as these
+      passwords stay in physical memory, these passwords will not
+      be written to disk and be cleared after a reboot.  If &os;
+      starts swapping out memory pages to free
+      space for other applications, the passwords may be written to
+      the disk platters unencrypted.  Encrypting swap space can be a
+      solution for this scenario.</para>
+
+    <para>The &man.gbde.8; or &man.geli.8; encryption systems may be
+      used for swap encryption.  Both systems use the
+      <filename>encswap</filename>
       <link linkend="configtuning-rcd">rc.d</link> script.</para>
 
     <sect2>
-      <title>Why Should Swap be Encrypted?</title>
-
-      <para>Like the encryption of disk partitions, encryption of swap
-	space is used to protect sensitive information.  Consider an
-	application that deals with passwords.  As long as these
-	passwords stay in physical memory, all is well.  However, if
-	the operating system starts swapping out memory pages to free
-	space for other applications, the passwords may be written to
-	the disk platters unencrypted.  Encrypting swap space can be a
-	solution for this scenario.</para>
-    </sect2>
-
-    <sect2>
       <title>Preparation</title>
 
       <note>
@@ -3907,7 +3902,7 @@ geli_da2_flags="-p -k /root/da2.key"</pr
     </sect2>
 
     <sect2>
-      <title>Verifying That it Works</title>
+      <title>Encrypted Swap Verification</title>
 
       <para>Once the system has rebooted, proper operation of the
 	encrypted swap can be verified using

More information about the svn-doc-projects mailing list