diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d601860..5e3f75ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -116,7 +116,7 @@ Released on 2022-01-31 * rule(Create Hardlink Over Sensitive Files): new rule to detect hard links created over sensitive files [[#1810](https://github.com/falcosecurity/falco/pull/1810)] - [@sberkovich](https://github.com/sberkovich) * rule(Detect crypto miners using the Stratum protocol): add `stratum2+tcp` and `stratum+ssl` protocols detection [[#1810](https://github.com/falcosecurity/falco/pull/1810)] - [@sberkovich](https://github.com/sberkovich) * rule(Sudo Potential Privilege Escalation): correct special case for the CVE-2021-3156 exploit [[#1810](https://github.com/falcosecurity/falco/pull/1810)] - [@sberkovich](https://github.com/sberkovich) -* rule(list falco_hostnetwork_images): moved to k8s_audit_rules.yaml to avoid a warning when usng falco_rules.yaml only [[#1681](https://github.com/falcosecurity/falco/pull/1681)] - [@leodido](https://github.com/leodido) +* rule(list falco_hostnetwork_images): moved to k8s_audit_rules.yaml to avoid a warning when using falco_rules.yaml only [[#1681](https://github.com/falcosecurity/falco/pull/1681)] - [@leodido](https://github.com/leodido) * rule(list deb_binaries): remove `apt-config` [[#1860](https://github.com/falcosecurity/falco/pull/1860)] - [@Andreagit97](https://github.com/Andreagit97) * rule(Launch Remote File Copy Tools in Container): add additional binaries: curl and wget. [[#1771](https://github.com/falcosecurity/falco/pull/1771)] - [@ec4n6](https://github.com/ec4n6) * rule(list known_sa_list): add coredns, coredns-autoscaler, endpointslicemirroring-controller, horizontal-pod-autoscaler, job-controller, node-controller (nodelifecycle), persistent-volume-binder, pv-protection-controller, pvc-protection-controller, root-ca-cert-publisher and service-account-controller as allowed service accounts in the kube-system namespace [[#1760](https://github.com/falcosecurity/falco/pull/1760)] - [@sboschman](https://github.com/sboschman) @@ -812,7 +812,7 @@ Released on 2020-02-24 * rule(write below etc): add "dsc_host" as a ms oms program [[#1028](https://github.com/falcosecurity/falco/pull/1028)] * rule(write below etc): let mcafee write to /etc/cma.d [[#1028](https://github.com/falcosecurity/falco/pull/1028)] * rule(write below etc): let avinetworks supervisor write some ssh cfg [[#1028](https://github.com/falcosecurity/falco/pull/1028)] -* rule(write below etc): alow writes to /etc/pki from openshift secrets dir [[#1028](https://github.com/falcosecurity/falco/pull/1028)] +* rule(write below etc): allow writes to /etc/pki from openshift secrets dir [[#1028](https://github.com/falcosecurity/falco/pull/1028)] * rule(write below root): let runc write to /exec.fifo [[#1028](https://github.com/falcosecurity/falco/pull/1028)] * rule(change thread namespace): let cilium-cni change namespaces [[#1028](https://github.com/falcosecurity/falco/pull/1028)] * rule(run shell untrusted): let puma reactor spawn shells [[#1028](https://github.com/falcosecurity/falco/pull/1028)] diff --git a/brand/README.md b/brand/README.md index d883c369..7ab2879f 100644 --- a/brand/README.md +++ b/brand/README.md @@ -5,7 +5,7 @@ This document describes The Falco Project's branding guidelines, language, and message. -Content in this document can be used to publically share about Falco. +Content in this document can be used to publicly share about Falco. diff --git a/docker/builder/root/usr/bin/scl_enable b/docker/builder/root/usr/bin/scl_enable index d196c3d5..34b7b7c1 100644 --- a/docker/builder/root/usr/bin/scl_enable +++ b/docker/builder/root/usr/bin/scl_enable @@ -1,5 +1,5 @@ # IMPORTANT: Do not add more content to this file unless you know what you are doing. -# This file is sourced everytime the shell session is opened. +# This file is sourced every time the shell session is opened. # # This will make scl collection binaries work out of box. unset BASH_ENV PROMPT_COMMAND ENV diff --git a/proposals/20190826-grpc-outputs.md b/proposals/20190826-grpc-outputs.md index 0e2a6c4a..52762940 100644 --- a/proposals/20190826-grpc-outputs.md +++ b/proposals/20190826-grpc-outputs.md @@ -47,7 +47,7 @@ The motivation behind this proposal is to design a new output implementation tha ### Non-Goals - To substitute existing outputs (stdout, syslog, etc.) -- To support different queing systems than the default (round-robin) one +- To support different queuing systems than the default (round-robin) one - To support queuing mechanisms for message retransmission - Users can have a local gRPC relay server along with Falco that multiplexes connections and handles retires and backoff - To change the output format diff --git a/proposals/20191030-api.md b/proposals/20191030-api.md index 6d6a6a7a..818d9693 100644 --- a/proposals/20191030-api.md +++ b/proposals/20191030-api.md @@ -6,7 +6,7 @@ This is a proposal to better structure the Falco API. The Falco API is a set of contracts describing how users can interacts with Falco. -By defining a set of interfaces the Falco Authors intend to decouple Falco from other softwares and data (eg., from the input sources) and, at the same time, make it more extensible. +By defining a set of interfaces the Falco Authors intend to decouple Falco from other software and data (eg., from the input sources) and, at the same time, make it more extensible. Thus, this document intent is to propose a list of services that constitute the Falco API (targeting the first stable version of Falco, v1.0.0). diff --git a/proposals/20210501-plugin-system.md b/proposals/20210501-plugin-system.md index d6fc74e8..3e8bd5fe 100644 --- a/proposals/20210501-plugin-system.md +++ b/proposals/20210501-plugin-system.md @@ -270,7 +270,7 @@ typedef struct // Arguments: // - s: the plugin state returned by init() // - params: the open parameters, as a string. The format is defined by the plugin - // itsef + // itself // - rc: pointer to an integer that will contain the open result, as a SCAP_* value // (e.g. SCAP_SUCCESS=0, SCAP_FAILURE=1) // Return value: a pointer to the open context that will be passed to next(), diff --git a/userspace/engine/filter_macro_resolver.h b/userspace/engine/filter_macro_resolver.h index 1087a80b..e220f945 100644 --- a/userspace/engine/filter_macro_resolver.h +++ b/userspace/engine/filter_macro_resolver.h @@ -24,7 +24,7 @@ limitations under the License. /*! \brief Helper class for substituting and resolving macro - refereces in parsed filters. + references in parsed filters. */ class filter_macro_resolver: private libsinsp::filter::ast::expr_visitor { diff --git a/userspace/engine/lua/rule_loader.lua b/userspace/engine/lua/rule_loader.lua index 20869135..048138e3 100644 --- a/userspace/engine/lua/rule_loader.lua +++ b/userspace/engine/lua/rule_loader.lua @@ -455,7 +455,7 @@ function load_rules_doc(rules_mgr, doc, load_state) -- In the rules yaml, it's a name + version. But it's -- possible, although unlikely, that a single yaml blob - -- contains multiple docs, withe each doc having its own + -- contains multiple docs, with each doc having its own -- required_engine_version entry. So populate a map plugin -- name -> list of required plugin versions. if load_state.required_plugin_versions[vobj['name']] == nil then @@ -1129,14 +1129,14 @@ function load_rules(rules_content, -- Print info on any dangling lists or macros that were not used anywhere for name, macro in pairs(state.macros) do if macro.used == false then - msg = "macro "..name.." not refered to by any rule/macro" + msg = "macro "..name.." not referred to by any rule/macro" warnings[#warnings + 1] = msg end end for name, list in pairs(state.lists) do if list.used == false then - msg = "list "..name.." not refered to by any rule/macro/list" + msg = "list "..name.." not referred to by any rule/macro/list" warnings[#warnings + 1] = msg end end