27 | | 1. a root shell must be started, preferable a limited, secure shell such as `dash`, |
28 | | 2. unnecessary processes must be closed (e.g. graphical environment, browser), |
29 | | 3. the `umask` must be set so that no file created is every readable by someone other than the superuser, |
30 | | 4. file permissions must be double checked. |
| 27 | 1. A root shell must be used for it (preferably a limited, secure shell such as `dash`). |
| 28 | 2. Unnecessary processes must be closed (e.g. graphical environment, browser). |
| 29 | 3. The `umask` must be set so that no file created is every readable by someone other than the superuser. |
| 30 | 4. File permissions must be double checked after completing the work. |