Douglas E. Engert wrote:
Is there any way to have OpenCT limit access to reader devices to
the user logged in at the console?
sure.
chgrp scard /var/run/openct
and configure some pam module for login only,
so it adds the user to group scard.
that way only those who used login have group scard
My java application handle multi access to the smart card - no problem,
but I think that already the PKCS11 library should do this. It should be
on this level, because it need not be threads, but applicatons. E.g.
many application (or threads) should be logged on, and when one of them
sign data,
On 19/10/06, Andreas Jellinghaus [EMAIL PROTECTED] wrote:
Douglas E. Engert wrote:
Is there any way to have OpenCT limit access to reader devices to
the user logged in at the console?
sure.
chgrp scard /var/run/openct
and configure some pam module for login only,
so it adds the user to group
Ludovic Rousseau wrote:
I also proposed to change the permissions on the /var/run/pcscd.*
files. Your idea of dynamically add a user in a particular group is
very good. I would prefer smartcard as the group name to be more
explicit.
debian, ubuntu and gentoo use scard already, so guess it will
Ludovic Rousseau wrote:
On 19/10/06, Andreas Jellinghaus [EMAIL PROTECTED] wrote:
Douglas E. Engert wrote:
Is there any way to have OpenCT limit access to reader devices to
the user logged in at the console?
sure.
chgrp scard /var/run/openct
and configure some pam module for login only,