On 23/03/06, Shawn Willden <[EMAIL PROTECTED]> wrote: > Okay, so here's some code to illustrate the idea. I don't think this is > necessarily the right approach, but it should provide a starting point for > discussion. It is intentionally minimal, and somewhat hackish. > > This patch: > > 1. Adds a notion of reader "ownership" by a given user ID. When the reader > is "owned" and a different user tries to exchange APDUs with the card, the > card will be reset first. > 2. Uses the SCARD_SCOPE_USER flag to SCardEstablishContext as a signal that > the new context wishes to obtain ownership of readers it talks to. This is > probably a bad idea. > 3. Adds code to validate that the user ID reported by the client in the > message to the server is, in fact, the user ID owning the process that sent > the request. Note that the technique used to obtain the UID of the client > process may be Linux-specific. I know it does not work on Solaris (though > Solaris does provide other mechanisms to achieve the same result). > > The patch is against SVN trunk. > > Comments/flames/chastisement all welcome,
After reading the other threads on this subject I think your approach may be correct. I am even thinking on always activating this mechanism (and then remove the bOwned flag). Do we have a (valid) use case in which application A from user U is using a reader and an application B from a different user V also needs to use the same reader? Bye, -- Dr. Ludovic Rousseau _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
