[Python-Dev] tamper-evident logs
Bryan L. Fordham
bfordham at socialistsushi.com
Wed Oct 23 09:07:12 EDT 2002
Jeff Epler wrote:
>On Tue, Oct 22, 2002 at 10:55:54PM -0400, Bryan L. Fordham wrote:
>
>
>>here's a question for y'all:
>>
>>
>
>This is not a question for python-dev. Redirected to python-list.
>
Whoops. Thanks. Sorry about that.
>The simplest idea that comes to mind would be to store a hash of the
>log combined with a "secret". (Of course, since it'll necessarily be
>stored on the same computer, it's not really a "secret", but it can be
>obfuscated as much as you like)
>
>
I'd considered something like this, but for some reason the idea of
adding the date and a secret didn't jump into my mind. Maybe I need
more caffiene. 8)
I think that's a workable solution, though I'm open to other suggestions.
This isn't for anything that requires high-security, nor and I worried
about someone trying to make the software think it's been tampered with
then it has not been.
--B
More information about the Python-list
mailing list