El 26/09/12 16:49, Guido Berhoerster escribió:
From the limited info on FSS,
Sure, the initial implementation is just one month old.. it seems that it is inherently racy
as sealing happens in certain intervals giving an attacker a time window to conceal its tracks,
The attacker can delete the journal file if he/she/it has aquired that level of privilege, however modifing the existing journal entries is very hard without getting noticed. } furthermore it depends on
cryptographic technology which hasn't even undergone basic peer review yet.
Yeah, FUD. that's all we need right ? Im afraid that you would have to prove such thing before that statement is giving any validity...
That's very unfortunate for those of us who also use it on servers as such use cases seem to get less and less testing and attention.
It will need attention anyway for SLE or the rest of the world. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org