http://blog.gerhards.net/2011/11/what-i-dont-like-about-journald.html -
the true how systemd owner handles the cases
http://blog.gerhards.net/2011/11/journald-log-hash-chaining-is-broken.html - What Lennart
said is bullshit. If someone break in your system and can edit your syslogs it means the
attacker has root access. Then who cares? Seriously? once the hacker has root rights it
will run this # > /var/log/journal/<unique string>/*
and the all logs attacker's fingerprints gone at once. So the security
purpose is bullshit.
and finally:
http://blog.gerhards.net/2011/11/journald-and-rsyslog.html
Everyone who reads this can decide wants to use the 'proper awesome
systemd-journal' or just tolerates it on his system because it must to
be on it (for reason just search in the archive).
Balint