On Mon, Dec 26, 2011 at 9:27 PM, Cristian Rodríguez
On 26/12/11 18:45, Claudio Freire wrote:
In order to sign entries, the logging daemon
needs to have the keys.
There are no keys...looks like nobody has bothered to read anything at all.
It uses chained hashes.
Keyed or not, don't remember.
If they're not keyed, anyone can falsify records, they only have to
rewrite all hashes.
So I assume they're keyed. If they are, my earlier point holds.
Hence, no security in any case.
To unsubscribe, e-mail: opensuse-factory+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-factory+owner(a)opensuse.org