Instead of paragraphs, use one of the various list tags.

Submitted by: keramida
svn path=/head/; revision=27641
2006-04-27 07:31:52 +00:00 · 2006-04-27 07:31:52 +00:00 · 45f15433af · 2020-12-08 03:00:23 +00:00
commit 45f15433af
parent 5e3eff0328
1 changed files with 29 additions and 10 deletions
--- a/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
+++ b/en_US.ISO8859-1/books/handbook/mac/chapter.sgml
@ -835,21 +835,40 @@ test: biba/high</screen>
  <sect1 id="mac-planning">
    <title>Planning the Security Configuration</title>

-    <para>As with implementing any technology, there must be a planning
-      phase.  During this time is it best an administrator looks at
-      their plight as a whole and defines exactly what is needed.
-      Examine thoroughly what requirements exist, how to accomplish
-      the final goal.  How must information be classified or restricted,
-      what users should be given access and which <acronym>MAC</acronym>
-      module or modules will be required to achieve this goal.</para>
+    <para>Whenever a new technology is implemented, a planning phase is
+      always a good idea.  During the planning stages, an administrator
+      should in general look at the <quote>big picture</quote>, trying
+      to keep in view at least the following:</para>

-    <para>Although it is always possible to reconfigure and change the
-      system resources and security settings, it is inconvenient to
+    <itemizedlist>
+      <listitem>The implementation requirements</listitem>
+
+      <listitem>The implementation goals</listitem>
+    </itemizedlist>
+
+    <para>For <acronym>MAC</acronym> installations, these include:</para>
+
+    <itemizedlist>
+      <listitem>How to classify information and resources available on
+	the target systems.</listitem>
+
+      <listitem>What sorts of information or resources to restrict
+	access to and the type of restrictions that should be
+	applied.</listitem>
+
+      <listitem>Which <acronym>MAC</acronym> module or modules will be
+	required to achieve this goal.</listitem>
+    </itemizedlist>
+
+    <para>It is always possible to reconfigure and change the
+      system resources and security settings, it is quite often very inconvenient to
      search through the system and fix existing files and user
      accounts.  Planning helps to ensure a trouble-free and efficient
      trusted system implementation.  A trial run of the trusted system,
      including the configuration, is often vital and definitely
-      beneficial before.  The idea of just letting loose on a system
+      beneficial <emphasis>before</emphasis> a <acronym>MAC</acronym>
+      implementation is used on production systems.  The idea of just
+      letting loose on a system
      with <acronym>MAC</acronym> is like setting up for failure.</para>

    <para>Different environments may have explicit needs and