doc/Security of user switching support.html in passenger-5.0.0.beta1 vs doc/Security of user switching support.html in passenger-5.0.0.beta2

@@ -1,11 +1,11 @@
 <!DOCTYPE html>
-<html lang="en">
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-<meta name="generator" content="AsciiDoc 8.6.7">
-<title>Security of user switching support in Passenger</title>
+<html lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+<meta name="generator" content="AsciiDoc 8.6.7">
+<title>Security of user switching support in Passenger</title>
 <style type="text/css">
 /* Shared CSS for AsciiDoc xhtml11 and html5 backends */
 
 /* Default font. */
 body {
@@ -601,11 +601,11 @@
 }
 div.exampleblock > div.content, div.sidebarblock > div.content, div.listingblock > div.content { border-width: 0 0 0 3px; border-color: #E8E8E8; }
 div.verseblock { border-left-width: 0; margin-left: 3em; }
 div.quoteblock { border-left-width: 3px; margin-left: 0; margin-right: 0;}
 div.admonitionblock td.content { border-left: 3px solid #E8E8E8; }
-</style>
+</style>
 <script type="text/javascript">
 /*<![CDATA[*/
 var asciidoc = {  // Namespace.
 
 /////////////////////////////////////////////////////////////////////
@@ -795,11 +795,12 @@
 }
 
 }
 asciidoc.install();
 /*]]>*/
-</script><style type="text/css">
+</script>
+<style type="text/css">
 body {
 	margin: 1em auto 1em auto;
 	padding: 0 1em 0 1em;
 	max-width: 800px;
 }
@@ -1052,11 +1053,11 @@
 	width: 1px;
 	height: 1px;
 }
 
 </style>
-</head>
+</head>
 <body class="article">
 <div id="topbar" style="display: none">
 	<div class="title">
 		<!-- Don't put a space between the img and a. That will break the hover layout. -->
 		<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAsAAAAKCAYAAAEV95QVAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9sGCRMSACDxkZwAAAAidEVYdENvbW1lbnQAQ3JlYXRlZCB3aXRoIEdJTVAgb24gYSBNYWOHqHdDAAAAZUlEQVQY032PSxbAIAjEIlfygL6ePF3UUvpzNjgSYWwqAMEhUQnANnsC7TQPeJpsVWzMuh2sog4vDTUbqP081zECrW4dtdaQGSIKlWluPyjK+VXxAz5XfcKufCzA130AfQHWB30HZxlPaP080xsAAAAASUVORK5CYII=" width="11" height="10" alt=""><a href="javascript:void(Mizuho.smoothlyScrollToToc())">Security of user switching support in Passenger</a>
@@ -1082,17 +1083,17 @@
 <div id="content">
 <div class="sect1">
 <span class="anchor_helper" id="_problem_description"></span><h2 data-anchor="_problem_description">1. Problem description</h2>
 <div class="sectionbody">
 <div class="admonitionblock">
-<table><tr>
+<table><tr>
 <td class="icon">
-<img src="./images/icons/tip.png" alt="Tip">
+<img src="./images/icons/tip.png" alt="Tip">
 </td>
 <td class="content">It is strongly recommended that you first read our
 <a href="Architectural%20overview.html">Architectural Overview</a>.</td>
-</tr></table>
+</tr></table>
 </div>
 <div class="paragraph"><p>A straightforward implementation of Passenger will spawn Rails applications in
 the same user context as Apache itself. On server machines which host multiple
 websites for multiple users, this may not be desired. All Rails applications
 spawned by Passenger will be able to read and write to all directories that the
@@ -1108,11 +1109,11 @@
 <span class="anchor_helper" id="_analysis_of_possible_solutions"></span><h2 data-anchor="_analysis_of_possible_solutions">2. Analysis of possible solutions</h2>
 <div class="sectionbody">
 <div class="paragraph"><p>It seems that the only way to solve this problem on Unix, is to run each Rails
 application server as its owner’s user and group. Passenger can make use of
 one of the following methods to implement this:</p></div>
-<div class="olist arabic"><ol class="arabic">
+<div class="olist arabic"><ol class="arabic">
 <li>
 <p>
 Apache (and thus Passenger) must already be running as root.
 </p>
 </li>
@@ -1191,11 +1192,11 @@
 <div class="paragraph"><p>There are multiple ways to implement this security. The first one is to use
 a password file, which only Apache and the wrapper can read, through
 the use of proper file permissions. The password file must never be world
 readable or writable.</p></div>
 <div class="paragraph"><p>It works as follows:</p></div>
-<div class="olist arabic"><ol class="arabic">
+<div class="olist arabic"><ol class="arabic">
 <li>
 <p>
 Passenger runs the wrapper.
 </p>
 </li>
@@ -1268,20 +1269,20 @@
 </div>
 <div class="sect2">
 <span class="anchor_helper" id="_common_security_issues"></span><h3 data-anchor="_common_security_issues">2.7. Common security issues</h3>
 <div class="paragraph"><p>Whatever method Passenger will use, the following security principles must be
 honored:</p></div>
-<div class="ulist"><ul>
+<div class="ulist"><ul>
 <li>
 <p>
 Rails applications must never be run as root.
 </p>
 </li>
 </ul></div>
 <div class="paragraph"><p>It might also be worthy to look into suEXEC’s security model for inspiration.</p></div>
 <div class="paragraph"><p>Also, the following questions remain:</p></div>
-<div class="ulist"><ul>
+<div class="ulist"><ul>
 <li>
 <p>
 Is there a need for a user whitelist/blacklist? That is, is there a need for
    the ability to restrict the set of users that Passenger can switch to?
 </p>
@@ -1826,7 +1827,7 @@
 }, Mizuho);
 
 $(document).ready(Mizuho.initializeTopBar);
 
 </script>
-</body>
+</body>
 </html>