"Michael S. Tsirkin" <m...@redhat.com> wrote on 03/31/2013 04:17:28 AM: > > You want to protect against someone who is able to > manipulate some bits in the file (content) but not others (hash)? > What's the attack you are trying to protect against here? > > I'm guessing the only result of extra checksums would be > unbootable guests when qemu manages to corrupt the checksum > without any help from attackers ...
You are of course correct. I advised an integrity value just to detect a hardware or software fault. The check value would not protect against an attack.
