From 22211a1267f136c4b55bc2298bc9de19d5973f9f Mon Sep 17 00:00:00 2001
From: Louis Burda <quent.burda@gmail.com>
Date: Mon, 17 May 2021 19:09:18 +0200
Subject: amend documentation

---
 documentation/README.md | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

(limited to 'documentation/README.md')

diff --git a/documentation/README.md b/documentation/README.md
index db2f5f2..ecfbdd4 100644
--- a/documentation/README.md
+++ b/documentation/README.md
@@ -14,9 +14,9 @@ and generate reports that include information on the files..
 Uploaded models and generated reports are stored in a directory structure.
 
 Unregistered users have their files saved in a collective directory, which
-allows users to query for public models by using their model name.
-Registered users have their uploads saved to a private directory.
-This (theoretically) prevents other users from accessing their files.
+allows users to query for public models via model name. Registered users have
+their uploads saved to a private directory. This (theoretically) prevents other
+users from accessing their files.
 
 The service is hosted with socat, one process per client.
 
@@ -31,16 +31,16 @@ which can be used to cause havoc on vulnboxes and make services go mumble.
 
 1. Enable additional security features via flags during compilation:
 
-	`CFLAGS="-fPIE -fstack-protector-strong -D_FORTIFY_SOURCE=2"`
+	`CFLAGS = "-fPIE -fstack-protector-strong -D_FORTIFY_SOURCE=2"`
 
 	- `-fPIE`: enable position independent executable section
 	- `-fstack-protector-strong`: enable stack canaries in functions with local variables that are prone to overflow
 	- `-D_FORTIFY_SOURCE=2`: gcc buffer overflow detection
 
-	`LDFLAGS="-Wl,-z,now -Wl,-z,relro"`
+	`LDFLAGS = "-Wl,-z,now -Wl,-z,relro"`
 
 	- `-Wl,-z,now`: tell dynamic linker to resolve symbols ASAP instead of lazy loading
-	- `-Wl,-z,relro`: tell dynamic linker to make got read only after resolving symbols
+	- `-Wl,-z,relro`: tell dynamic linker to make `got` section read-only after resolving symbols
 
 2. Chroot each service instance via socat so it can only access
 	uploaded files and not corrupt the system.
@@ -197,8 +197,3 @@ Patching
 For an example fix, see the unified patch `patches/flagstore2.diff`.
 
 
-Traffic Analysis Evasion
-========================
-
-
-
-- 
cgit v1.2.3-71-gd317