[systemd-devel] Tampering with the Logging Data when Knowing the Verification Key / Time Synchronization

Andreas Krueger Andreas.Krueger at fmc-ag.com
Mon Oct 11 17:08:59 UTC 2021


Hi Folks,


I am currently working on an embedded project that uses Journal for logging. The logging data shall be protected by the Journal's sealing mechanism FSS, and for various reasons the verification key is located unprotected in memory.

Regarding this constellation, my first question is:
If an attacker knows the verification key, is he able to modify the logging data in such a way that the tampering remains undetected, even if this happened e.g. one day ago (which means that several new sealing keys have been generated in the meantime)?

Since sealing is always done for a time interval, my second question is:
What will happen to the logging data and sealing mechanism when the system clock is suddenly modified? This can happen, e.g., when the board first starts with a default time value and is then synchronized after a while by a time daemon.

Regards,
Andreas