serverdude (24)
#1
Figures start with 'Ch2Figure', and references fail

Most method references in the text are in standard font (Verdana)

p.435 4th line
'things in live,'
'things in life,'

p.435 4th last line
'That said, lets have a closer look'
'That said, let's have a closer look'

p.436 3rd paragraph 4th line
'to ensure that the artifact has not been tempered with'
'to ensure that the artifact has not been tampered with'

p.436 4th paragraph 2nd line:
'More often then not'
'More often than not'

p.436 1st bullet point 4th line
'then that'
'than that'

p.436 2nd bullet point 4th line
'possible the we are talking'
'possible that we are talking'

p.436 3rd bullet point 3rd line
'security checks on the one hand and on where he want to call code outside'
'security checks on the one hand and on the other where he wants to call code outside'

p.437 3rd line
'to big or the development costs to high.'
'too big or the development costs too high.'

p.437 4th line
'If the costs are to high'
'If the costs are too high'

p.437 5th line
'Keep in mind so that if'
'Keep in mind if'

p.437 8th-9th line
'Because it is often to painful to consider it applications and libraries are built without security in mind.'
'Because it is often too painful to consider if applications and libraries are built without security in mind.'

p.437 10th line
'developing for this applications'
'developing for these applications'
or
'developing for this application'
or
'developing for such applications'

p.437 2nd paragraph, 3rd-2nd last line
'Lets have a look at what this looks like form a high-level perspective'
'Let's have a look at what this looks like from a high-level perspective'

p.438 figure 12.1 (missing closing parenthesis after implies(p))
if (!(PermissionA.implies(p) &&
PermissionB.implies(p))
{
throw new SecurityException();
}

if (!(PermissionA.implies(p) &&
PermissionB.implies(p)))
{
throw new SecurityException();
}

p.439 3rd-5th line
'Subsequently, it determines that the A,D pair and the B,C pair originate from BundleA and BundleB, respectively.'
'Subsequently, it determines that the A,C pair and the B,D pair originate from BundleB and BundleA, respectively.'

p.439 3rd paragraph 4th last line
'But if you payed attention than this doesn't help us much'
'But if you paid attention then this doesn't help us much'

p.439 3rd paragraph 3rd last line
'on behalf on another'
'on behalf of another'

p.439 3rd paragraph 2nd last line
'than the ProtectionDomain'
'then the ProtectionDomain'

p.439 last paragraph 2nd line
'In this case, lets assume'
'In this case, let's assume'

p.439 last paragraph 3rd last line
'then the service needs to take care about the more fine-grained security'
'then the service needs to take care of the more fine-grained security'

p.440 3rd line
'Thats pretty much'
'That's pretty much'

p.440 'SECURITYMANAGER V.S. ACCESSCONTROLLER' title
SECURITYMANAGER vs. ACCESSCONTROLLER

p.440 last paragraph before 12.3, 6th line
'calls on behave of other bundles assuming it has the needed permissions. That,'
'calls on behalf of other bundles assuming it has the required permissions. This,'

p.440 last paragraph before 12.3, 4th last line
'The downside is that managing all that'
'The downside is that managing all this'

p.440 last paragraph before 12.3, 2nd last line
'Lets learn'
'Let's learn'

p.441 2nd paragraph 2nd last line
'Lets have a look'
'Let's have a look'

p.442 1st line
'Regaring the name'
'Regarding the name'

p.442 2nd paragraph 1st line
'Lets have a look'
'Let's have a look'

p.442 2nd paragraph 2nd line
'Lets assume'
'Let's assume'

p.442 3rd paragraph 1st line
'the framework sill have'
'the framework still have'

p.442 5th paragraph 1st line
'lets have a look'
'let's have a look'

p.442 6th paragraph 2nd line
'as it would be to broad'
'as it would be too broad'

p.442 6th paragraph last line
'lets have a look'
'let's have a look'

p.442 12.3.2 1st paragraph 4th line
'is need to require'
'is needed to require'

p.443 1st line
'Instead, lets get on '
'Instead, let's get on '

p.443 between the bullet lists
'but first lets introduce'
'but first let's introduce'

p.443 5th last line
'Ok, lets assume'
'Ok, let's assume'

p.444 6th line
'as well the action.'
'as well as the action.'

p.444 8th line
'we might wont to be able to limit their capabilities'
'we might want to be able to limit their capabilities'

p.444 last line before 12.3.4
'greater or equal 10.'
'greater than or equal to 10.'

p.446 2nd line
'However, apart form'
'However, apart from'

p.446 2nd paragraph 1st line
'Alright then, what get is management API'
???

p.446 2nd paragraph last 5 lines
'The reason we mention this fact at this point is
that the relationship between the two is well defined and even as it can be summarized as
we just did we still will need to mention the later sometimes while describing the former in
order to highlight some finegrained effects of this policy. But now lets have a look at the
PermissionAdmin service.'

'The reason we mention this fact at this point is
that the relationship between the two is well defined and even though it can be summarized as
we just did we still have to mention the latter sometimes while describing the former in
order to highlight some finegrained effects of this policy. But now let's have a look at the
PermissionAdmin service.'

p.446 12.4.1 1st line
'we need to be to reason'
'we need to be able to reason'

p.447 12.4.2 2nd paragraph 2nd line
'Lets have a look at a simple example'
'Let's have a look at a simple example'

p.447 12.4.2 last paragraph 2nd last line
'lets cut to the chase'
'let's cut to the chase'

p.449 2nd paragraph 1st line
'lets zoom'
'let's zoom'

p.450 12.5 5th line
'that allows to assign'
'that allows you to assign'

p.451 7th-8th line
'Just think about what this means for you when want to express your security policy for a second.'
'Just think what this means to you when you want to express your security policy.'

p.451 2nd paragraph 2nd-4th line
'Really, what it comes down to is that the codebase and the signer attribute are conditions that can be fulfilled or not. If they are then the permissions are applicable otherwise not.'
'What it really comes down to is that the codebase and the signer attribute are conditions which either can be fulfilled or not. The permissions are only applicable if the conditions are fulfilled.'

p.451 2nd paragraph 5th line
'where one the one hand'
'where on the one hand'

p.451 3rd paragraph 2nd last line
'the tasks need to define a reasonable security policy. But now, lets have'
'the tasks needed to define a reasonable security policy. But now, let's have'

p.452 12.5.2 1st paragraph 3rd-4th line
'The way this done is that for each'
'The way this is done is that for each'

p.452 12.5.2 1st paragraph 3rd last line
'by the conditions other then purely'
'by the conditions other than purely'

p.452 12.5.2 1st paragraph 2nd last line
'Lets look'
'Let's look'

p.452 12.5.2 2nd paragraph 8th-9th line
'can be optimized away as they either will always remain in their state after that.'
'can be optimized away as they will always remain in that state.'

p.452 last paragraph 2nd line
'Lets try'
'Let's try'

p.453 1st paragraph 2nd last line
'rather then an individual dialog'
'rather than an individual dialog'

p.453 2nd paragraph 3rd last line
'them implement such a more advanced use-cases in detail. For now lets have look a one'
'them to implement a more advanced use-case in detail. For now let's have a look at one'

p.453 CONDITIONINFO AND BUNDLELOCATIONCONDITION 1st-2nd line
'As conditions are the new way of defining which bundle gets what permissions obviously you well need a couple of them to be able to express anything meaningful in your security policy.'
' Conditions are the new way of defining which bundle gets which permissions. Obviously you will need a couple of conditions to be able to express anything meaningful in your security policy.'

p.453 CONDITIONINFO AND BUNDLELOCATIONCONDITION 3rd line
'is include by default'
'is included by default'

p.453 CONDITIONINFO AND BUNDLELOCATIONCONDITION 7th line
'my include wildcards'
'may include wildcards'

p.454 2nd last line before 12.5.3
'lets go'
'let's go'

p.455 2nd paragraph 3rd line
'rather then'
'rather than'


p.456 1st line quotation marks aren't all the same. 2nd last is U+201C - 'LEFT DOUBLE QUOTATION MARK' others are U+0022 "QUOTATION MARK"
'AllPermission.class.getName(), "", “")'

p.456 last line
'are therefore the names if the available infos.'
'are therefore the names of the available infos.'
or
'are therefore the names in the available infos.'

p.457 4th line
'case that you want to set the name ourself'
'case that you want to set the name yourself'

p.458 'ALLOW V.S. DENY POLICIES' title
'ALLOW vs. DENY POLICIES'

p.458 'ALLOW V.S. DENY POLICIES' 2nd paragraph 2nd-3rd line
'Thats what is called a deny policiy'
'That's what is called a deny policy'

p.458 last paragraph 2nd line
'is now the case the the order of condition/permission'
'is now the case that the order of condition/permission'

p.459 2nd line
'Consequently, whats left'
'Consequently, what's left'

p.459 1st line of last paragraph before 12.6
'Thats it'
'That's it'

p.460 2nd line
'you want to give networking permissions too, you can grant the a company the right'
'you want to give networking permissions to, you can grant a company the right'

p.460 4th paragraph 4th line
'Lets see how'
'Let's see how'

p.460 grey box 2nd line
'lets call'
'let's call'

p.460 grey box 2nd paragraph 3rd line
'that are in advance? Simple, we need to create a root certificated'
'there are in advance? Simple, we need to create a root certificate'

p.460 grey box 3rd paragraph 2nd line
'and when they in turn us their'
'and when they in turn use their'

p.461 DISTINGUISHED NAME (DN) 2nd line
'identifying a node in an hierarchical name space.'
'identifying a node in a hierarchical name space.'

p.461 last line
'The reason is that we want to impor as certificate'
'The reason is that we want to import them as certificate'

p.463 CERTIFICATE MATCHING 4th paragraph 2nd line
'as the first filter as we allow for all countries but at the time more limiting'
'than the first filter as we allow for all countries but at the same time more limiting'

p.464 4th line
'Framework, how they are known?'
'Framework. How are they known?'

p.464 5th line
'there is one standard way introduces in r4.2'
'there is one standard way introduced in r4.2'

p.464 last paragraph before 12.6.2 1st line
'Ok, so how do use this matching then together with the conditional permission admin?'
'Ok, so how do you use this matching them together with the conditional permission admin?'

p.465 12.6.3 2nd line
'lets get back'
'let's get back'

p.466 1st line
'lets assume'
'let's assume'

p.466 3rd paragraph 3rd line
'PermissionAdmin und the'
'PermissionAdmin and the'

p.466 3rd paragraph 7th-9th line
'Finally, we introduced you to local permissions allowing to at the one hand, limit the permissions a bundle gets to the minimum while at the other hand enabling to easily audit the security requirements of a given bundle.'
'Finally, we introduced you to local permissions on one hand allowing you to limit the permissions a bundle gets to the minimum while on the other hand enabling you to easily audit the security requirements of a given bundle.'

p.466 12.7 1st line
'a condition is to act as guard'
'a condition is to act as a guard'

p.466 12.7 3rd line
'trigged against'
'triggered against'

p.466 last paragraph 1st sentence
'To this end, we already introduced you to the concept of mutable and immutable conditions allowing to optimize the condition evaluation.'
'To this end, we already introduced you to the concept of mutable and immutable conditions allowing optimization of the condition evaluation.'

p.466 last paragraph 2nd-3rd line
'So far, however, we didn't actually told you how you can create your own conditions'
'So far, however, we haven't actually told you how you can create your own conditions'
or
'So far, however, we didn't actually tell you how you can create your own conditions'

p.467 12.7.1 1st line
'Obviously, providing custom conditions is a very security sensitive. We for sure don't'
'Obviously, providing custom conditions is very security sensitive. We certainly don't'

p.467 2nd paragraph 1st line
'is used to constructed a new'
'is used to construct a new'

p.467 5th paragraph 2nd line
'the interface is only contains four'
'the interface only contains four'

p.467 5th paragraph 4th-5th line: change font is Verdana should be CourierNewPSMT to be consistent
'isSatisfied(Condition[] conditions, Dictionary context)'

p.467 6th paragraph 1st line
'Lets'
'Let's'

p.467-468 Listing xxx: BeforeDateCondition Example
anchors (#2) starts from 2
anchors aren't right justified as in other listings
anchors aren't used as references in the following text.

p.468 1st paragraph last line
'then the given'
'than the given'

p.468 2nd paragraph 4th line
'o evaluate'
'to evaluate'

p.468 3rd paragraph 1st line
'what is left is two things.'
'what is left are two things.'

p.469 1st paragraph after "Extension Bundles", 1st line
'How would that look like?'
'What would that look like?'
or
'How would that look?'

p.469 last line before 12.7.2
'lets look'
'let's look'

p.470 'THE PERMISSION CHECK IN THE PRESENTS OF POSTPONED CONDITIONS'
'THE PERMISSION CHECK IN THE PRESENCE OF POSTPONED CONDITIONS'

p.470 THE PERMISSION CHECK IN THE PRESENTS OF POSTPONED CONDITIONS 1st line
'the presents of postponed'
'the presence of postponed'

p.470 1st paragraph after 'THE PERMISSION CHECK IN THE PRESENTS OF POSTPONED CONDITIONS', 1st line
'lets implement a AskTheUser condition which does ask the user'
'let's implement an AskTheUser condition which asks the user'

p.471 1st paragraph 2nd line
'JoptioinPane'
'JOptionPane'

p.471 2nd paragraph 1st line
'he wants the condition be'
'he wants the condition to be'

p.473 2nd paragraph 2nd line
'we didn't go to fast.'
'we didn't go too fast.'

p.474 last bullet point, 2nd line
'scenarios to avouid performance'
'scenarios to avoid performance'

p.474 last bullet point, 3rd line
'only be asked on'
'only be asked one'
serverdude (24)
#2
Re: Chapter 12 - errata
The flow of the text is not consistent with the rest of the book. The chapter (12) resembles the old chapter 7 - which IMHO could be improved upon.

Shorter sentences, more paragraphs, and improved punctuation could probably help.
david_savage (3)
#3
Re: Chapter 12 - errata
Many thanks, I'm currently taking an editing pass at this chapter and I'll make sure your fixes get included.