writes with this bit from IT World: "In an effort to foil crackers' attempts to cover their tracks by altering text-based syslogs, and improve the syslog process as a whole, developers Lennart Poettering and Kay Sievers are proposing a new tool called The Journal. Using key/value pairs in a binary format, The Journal is already stirring up a lot of objections."
Log entries are "cryptographically hashed along with the hash of the previous entry in the file" resulting in a verifiable chain of entries. This is being done as an extension to systemd
). The design doesn't just make logging more secure, but introduces a number of overdue improvements
to the logging process. It's even compatible with the standard syslog interface
allowing it to either coexist with or replace the usual syslog daemon with minimal disruption.