security-general.dita@ 107390

Last change on this file since 107390 was 107390, checked in by vboxsync, 5 months ago

Docs: bugref:10705. bugref: 10829. The docs build has been modified to split generated refentry dita files and the user manual files and the following commits from doc's team git repo has been applied:

0946136c74dda0483704db891345cb39548b4e28 Started consolidating known issues and troubleshooting information
845b847e6a8e778b38a57867e25ee5e086a73800 Added individual topics for list of known issues, integrated into Troubleshooting section.
bb574836aac775889bd61e4a72f489617fcb7d18 Removed EFI firmware from experimental features for 7.2
6d2e68b244869991e713d170ecd239739d99ba56 Moved known issues into Known Issues section
e2630c896561587718b5c3197c384a38d07014d5 Merge branch 'VBP-1461_experimental-features' into 'main'
0512e2cce51f49ccdc56f3381a2a0c924f2bd278 Feedback on known issues
a77d6c980f6ff5cad9d32b2fb9290990093a03fa Restructured host and guest OS topics
988af5cc9628f5de0806531bc98686f691a911fd Updates with feedbback from Jacob
982a61c9f25b22b745ec483e763e3d88efe59c40 Included feedback from Jacob
93181c8c6cc2d9a26bcccb1145cb0423c0d9f4c9 Updated known issues with feedback from Klaus
8bc369561c383f09b409fe5e44f507440b3735fb Created Legacy Guest OS section
d7932f55accdab7a03666302d58b8c941cd48be2 Moved known issues to more appropriate places for the info
2a4aa094ba8a7ac6894d2a777316eabf41746580 Further moving of known issues
baeabd5308c5519a4dc26b4197be9b00e419a85a Updated links to cli_topics

Property svn:eol-style set to native
Property svn:keywords set to Author Date Id Revision

File size: 2.8 KB

Line
1	<?xml version='1.0' encoding='UTF-8'?>
2	<!DOCTYPE topic PUBLIC "-//OASIS//DTD DITA Topic//EN" "topic.dtd">
3	<topic xml:lang="en-us" id="security-general">
4	<title>General Security Principles</title>
5
6	<body>
7	<p>
8	The following principles are fundamental to using any application
9	securely.
10	</p>
11	<ul>
12	<li>
13	<p><b outputclass="bold">Keep software up-to-date</b>. One of the principles of good
14	security practise is to keep all software versions and patches up-to-date. Activate the
15	<ph conkeyref="vbox-conkeyref-phrases/product-name"/> update notification to get
16	notified when a new <ph conkeyref="vbox-conkeyref-phrases/product-name"/> release is
17	available. When updating <ph conkeyref="vbox-conkeyref-phrases/product-name"/>, do not
18	forget to update the Guest Additions. Keep the host operating system as well as the guest
19	operating system up-to-date. </p>
20	</li>
21	<li>
22	<p><b outputclass="bold">Restrict network access to critical
23	services.</b> Use proper means, for instance a
24	firewall, to protect your computer and your guests from
25	accesses from the outside. Choosing the proper networking mode
26	for VMs helps to separate host networking from the guest and
27	vice versa.
28	</p>
29	</li>
30	<li>
31	<p><b outputclass="bold">Follow the principle of least
32	privilege.</b> The principle of least privilege states
33	that users should be given the least amount of privilege
34	necessary to perform their jobs. Always execute <ph conkeyref="vbox-conkeyref-phrases/product-name"/>
35	as a regular user. We strongly discourage anyone from
36	executing <ph conkeyref="vbox-conkeyref-phrases/product-name"/> with system privileges.
37	</p>
38	<p>
39	Choose restrictive permissions when creating configuration
40	files, for instance when creating /etc/default/virtualbox, see
41	<xref href="linux_install_opts.dita">Automatic Installation Options</xref>. Mode 0600 is preferred.
42	</p>
43	</li>
44	<li>
45	<p><b outputclass="bold">Monitor system activity.</b>
46	System security builds on three pillars: good security
47	protocols, proper system configuration and system monitoring.
48	Auditing and reviewing audit records address the third
49	requirement. Each component within a system has some degree of
50	monitoring capability. Follow audit advice in this document
51	and regularly monitor audit records.
52	</p>
53	</li>
54	<li>
55	<p><b outputclass="bold">Keep up-to-date on latest security information.</b> Oracle
56	continually improves its software and documentation. Check this note yearly for revisions. </p>
57	</li>
58	</ul>
59	</body>
60
61	</topic>

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format