Update docs/spec/draft/threats.md

Signed-off-by: Zachariah Cox <[email protected]>
slsa-framework · Dec 4, 2024 · ba86a5b · ba86a5b
1 parent cc9df6e
commit ba86a5b
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/docs/spec/draft/threats.md b/docs/spec/draft/threats.md
@@ -148,7 +148,7 @@ Changes to the controls themselves should require their own review process.
 Solution: The producer can modify the rule to disallow bypass by administrators, or move the rule to an organization-level ruleset.
 
 *Example 2:* GitHub repository-level admin removes a branch requirement, pushes their change, then re-enables the requirement to cover their tracks.
-Solution: The producer can use higher-permission-level rulesets (such as organization-level) to prevent repository-level tampering.
+Solution: The producer can configure higher-permission-level rules (such as organization-level GitHub Rulesets) to prevent repository-level tampering.
 
 #### (B2) Evade change management process