security issue with signing files

Florian Weimer fw@deneb.enyo.de
Sat Nov 24 18:20:01 2001


"Kent Tong" <kent@cpttm.org.mo> writes:

> Suppose a user is about to sign a file that he has just viewed, but
> someone else modifies the file over the network, then he will sign
> over the arbitrary contents written by anyone who has write access?

Yes.

> How to solve this problem?

Always sign a local copy.
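
One way to follow this advice, as an added example that is not part of the original message: copy the shared file into a private directory, review that copy, and sign that same copy. The function names are hypothetical, and the signer (`gpg --detach-sign`), `sha256sum`, and the `SIGN_CMD` override are assumptions.

```shell
#!/bin/sh
# Added example: review and sign a private local copy, never the shared file.

# Copy the shared file into a fresh directory that only the current user can
# enter, and print the path of the copy. Runs in a subshell so the umask
# change does not leak into the caller.
stage_local_copy() (
    umask 077
    dir=$(mktemp -d) || exit 1            # mktemp -d creates the dir mode 0700
    name=$(basename -- "$1")
    cp -- "$1" "$dir/$name" || exit 1
    printf '%s\n' "$dir/$name"
)

# Print the SHA-256 hex digest of a file.
file_digest() {
    sha256sum -- "$1" | cut -d' ' -f1
}

# Sign the private copy only if it still matches the digest recorded before
# review. SIGN_CMD is an assumption; it defaults to a GnuPG detached signature.
sign_reviewed_copy() {
    f=$1 want=$2
    [ "$(file_digest "$f")" = "$want" ] || {
        echo "refusing to sign: $f changed since review" >&2
        return 1
    }
    ${SIGN_CMD:-gpg --detach-sign} "$f"
}

# Full procedure: stage, record digest, review, sign the same bytes.
review_and_sign() {
    local_copy=$(stage_local_copy "$1") || return 1
    reviewed=$(file_digest "$local_copy")
    ${PAGER:-less} "$local_copy"          # the user reads the private copy
    sign_reviewed_copy "$local_copy" "$reviewed" &&
        echo "signed: $local_copy" >&2
}
```

Call it as `review_and_sign /path/to/shared/file`. Later writes to the shared original cannot reach the staged copy, and the digest check catches any change to the copy itself between review and signing.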