From 67f55d45f0a12cdac38a0d2faaec7d888e62dc2c Mon Sep 17 00:00:00 2001 From: Armon Dadgar Date: Mon, 26 Jun 2017 17:43:04 -0700 Subject: [PATCH] adding link to security model --- website/source/docs/guides/production.html.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/source/docs/guides/production.html.md b/website/source/docs/guides/production.html.md index 4b073800d9..bf589919b3 100644 --- a/website/source/docs/guides/production.html.md +++ b/website/source/docs/guides/production.html.md @@ -38,5 +38,5 @@ It is entirely possible to use Vault without applying any of the following recom * **Configure SELinux / AppArmor**. Using additional mechanisms like SELinux and AppArmor can help provide additional layers of security when using Vault. While Vault can run on many operating systems, we recommend Linux due to the various security primitives mentioned here. -* **Restrict Storage Access**. Vault encrypts all data at rest, regardless of which storage backend is used. Although the data is encrypted, an attacker with arbitrary control can cause data corruption or loss by modifying or deleting keys. Access to the storage backend should be restricted to only Vault to avoid unauthorized access or operations. +* **Restrict Storage Access**. Vault encrypts all data at rest, regardless of which storage backend is used. Although the data is encrypted, an [attacker with arbitrary control](/docs/internals/security.html) can cause data corruption or loss by modifying or deleting keys. Access to the storage backend should be restricted to only Vault to avoid unauthorized access or operations.