And not to mention the free-memory information in GetStatus: are we going to reveal to unauthorized users the precious information about how much "secret" data is stored onto your card ?
The original semantics of ListObjects, ListPINs, ListKeys and GetStatus is just to give information on how much resources are occupied on the device, as a **public** information, whatever the privilege of the current session is.
If we start going through access control also for this kind of commands, possibilities are endless, and, as usual, complexity increases.
I would suggest to not apply that patch in the "main" branch of the code, so to retain the original behaviour (which is also documented). The patch may be made available as a separate download for whoever needs that other kind of behaviour. Of course, unless so many people need this new kind of beahaviour .........
Bye,
T.
Peter Williams wrote:
----- Original Message ----- From: "Peter Stamfest" <[EMAIL PROTECTED]>
To: "MUSCLE" <[EMAIL PROTECTED]>
Sent: Sunday, November 28, 2004 1:10 AM
Subject: [Muscle] [Patch] - Do not list objects/keys not usable by the currently logged in identities
Hello,
This patch changes the applet to only list objects and keys the currently logged-in identities have access to.
You argued that the enumeration is sensitive, because it releases information the logged in identity is not entitled to.
If we accept this, should a user with read only access have visibility on the other identities who have write access?
Should a user with pin-based read rights be able to assert these to learn that an object requires a particular strong authentication key, or #15 bio id?, for writing?
Should a user with pin-based read/write rights, but no strong strong authentication rights, be able to assert these to learn that an object requires a particular strong authentication key, or #15 bio id?, for writing?
Peter. _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
