Fix a few typos and tweak a little grammar, between the point where I

started paying attention and the point where I realized I have
to be awake early this morning and might not get a chance to
return to this.

en_US.ISO8859-1/books/handbook/mac/chapter.sgml

@@ -331,7 +331,7 @@
       the system.</para>
 
     <para>When setting a label, the user must be able to comprehend
-      what it is, exactly, that they are doing.  Setting the label
+      what it is, exactly, that is being done.  Setting the label
       too high or too low may jeopardize the entire security
       structure of their directory or file system.</para>
 
@@ -393,7 +393,7 @@
       <title>Label Configuration</title>
 
       <para>Virtually all aspects of label policy configuration
-	will be performed using a set of four commands.  Theses
+	will be performed using a set of four commands.  These
 	commands provide a simple interface for object or subject
 	configuration or the manipulation and verification of
 	the configuration.</para>
@@ -412,8 +412,8 @@
 	quiescent is when an error occurred.  In some cases this
 	error may be a <errorname>Permission denied</errorname> and
 	is usually obtained when the label is being set or modified
-	on an object which is restricted.  The system administrator,
+	on an object which is restricted.  The system administrator
-	may use the commands in conjunction to overcome this:</para>
+	may use the following commands to overcome this:</para>
 
       <screen>&prompt.root; <userinput>setfmac biba/high test</userinput>
 <errorname>Permission denied</errorname>
@@ -422,15 +422,15 @@
 test: biba/high</screen>
 
       <para>As can be observed, the <command>setpmac</command>
-	can be used to override the policies settings by assigning
+	can be used to override the policy's settings by assigning
 	a different label to the invoked process.  The
-	<command>getpmac</command> is usually used with current
+	<command>getpmac</command> is usually used with currently
-	running processes, such as <application>sendmail</application>
+	running processes, such as <application>sendmail</application>:
 	although it takes a process ID in place of
 	a command the logic is extremely similar.  It should be pointed
 	out that users will only be able to override policy labels if
-	they themselves own the object or subject.  If a user would
+	they themselves own the object or subject.  If users would
-	attempt to manipulate a file not in their access level, the
+	attempt to manipulate a file not in their access levels, the
 	<errorname>Operation not permitted</errorname> error
 	will be displayed by the <function>mac_set_link</function>
 	function.</para>
@@ -441,7 +441,7 @@ test: biba/high</screen>
 	<para>Users themselves are required to have labels so that
 	  their files and processes may properly.  This is
 	  configured through the <filename>login.conf</filename> file
-	  by use of login classes.  Every policy which uses labels
+	  by use of login classes.  Every policy that uses labels
 	  will enforce the user class setting.</para>
 
 	<para>An example entry containing every policy is listed
@@ -475,7 +475,7 @@ test: biba/high</screen>
 	  user class default label which will be enforced by
 	  <acronym>MAC</acronym>.  Users will never be permitted to
 	  modify this value, thus it can be considered not optional
-	  in the user case.  In a real configuration; however, the
+	  in the user case.  In a real configuration, however, the
 	  administrator will never wish to enable every policy.
 	  It is recommended that the rest of this chapter be reviewed
 	  before any of this configuration is implemented.</para>
@@ -487,7 +487,7 @@ test: biba/high</screen>
 	  example or discussion.</para>
 
 	<para>It is useful to note that many sites may have a
-	  particularly large amount of users requiring several
+	  particularly large number of users requiring several
 	  different user classes.  In depth planning is required
 	  as this may get extremely difficult to manage.</para>
       </sect3>
@@ -517,7 +517,7 @@ test: biba/high</screen>
 
 	<para>Each policy which supports labeling has some tunable
 	  which may be used to disable the <acronym>MAC</acronym>
-	  label on network interfaces.  Setting them to
+	  label on network interfaces.  Setting the label to
 	  <option>equal</option> will have a similar effect.  Review
 	  the output from <command>sysctl</command>, the policy manual
 	  pages, or even the information found later in this chapter
@@ -563,8 +563,8 @@ test: biba/high</screen>
 	</listitem>
 
 	<listitem>
-	  <para>This machine only requires one label
+	  <para>This machine only requires one label,
-	    <literal>biba/high</literal> for everything in the system.
+	    <literal>biba/high</literal>, for everything in the system.
 	    Here the file system would not require the
 	    <option>multilabel</option> option as a single label
 	    will always be in effect.</para>
@@ -680,7 +680,7 @@ test: biba/high</screen>
 
       <note>
 	<para>Every policy or <acronym>MAC</acronym> option supports
-	  a tunables.  These usually hang off of the
+	  tunables.  These usually hang off of the
 	  <literal>security.mac.&lt;policyname&gt;</literal> tree.
 	  To view all of the tunables from <acronym>MAC</acronym>
 	  use the following command:</para>
@@ -1347,8 +1347,8 @@ test: biba/high</screen>
 
       <listitem>
 	<para><literal>security.mac.mls.max_compartments</literal> is
-	  used to set the maximum amount of compartment levels with
+	  used to set the maximum number of compartment levels with
-	  objects; basically the maximum compartment amount allowed
+	  objects; basically the maximum compartment number allowed
 	  on a system.</para>
       </listitem>
     </itemizedlist>