-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-27 09:31, Andreas Jaeger wrote:
On Wednesday, September 26, 2012 22:11:38 Carlos E. R. wrote:
If the logs are cryptographically protected, the applications that send data to them are not. The problem remains.
The kernel wont let you forge from what app the logs messages are generated. Doesn't matter. It is opensource, I can put a rogue apache that sends the logs I want.
The logs will also record that apache was restarted and when ;)
So what? The rogue apache may be in place months before. :-p In order for this to work, you have to distribute a certified Linux setup, probably certifying the binaries on disk. This can not be done with openSUSE, perhaps with SLES running from DVD. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBkwgcACgkQIvFNjefEBxrssgCeJoZeYFWYE9V+T9xyxCsAOzBr 4t4An0g/LqcJUapltJAY9tSa7/IVdoi/ =EcdC -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org