-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/26/2012 09:55 PM, Cristian Rodríguez wrote:
El 26/09/12 16:49, Guido Berhoerster escribió:
From the limited info on FSS,
Sure, the initial implementation is just one month old..
it seems that it is inherently racy
as sealing happens in certain intervals giving an attacker a time window to conceal its tracks,
The attacker can delete the journal file if he/she/it has aquired that level of privilege, however modifing the existing journal entries is very hard without getting noticed.
http://www.freedesktop.org/software/systemd/man/systemd-journald.service.htm... does not give much details, but https://plus.google.com/115547683951727699051/posts/g1E6AxVKtyc mentions a verification key that needs to be stored in a secure location... actually it is a secret key that might allow faking logs by regenerating the sealing keys from it. It could work, if the crypto is done right. Ciao Bernhard M. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBlVKEACgkQSTYLOx37oWR8OQCgvAnQxGl8G/RgHa/1EDzfGxaZ KrgAn2jIQiDqJeBtBu1vm11qaK9Q873k =0M9D -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org