BTW, I noticed that my code enables a DOS attack, allowing an attacker to
reset the card during another process's transaction. Without my changes, an
attacker can still reset the card to annoy another process, but only outside
of a transaction. The way to fix this is to move the ownership test to a
point after the transaction lock is checked in SCardTransmit. That's a more
logical place for it anyway.
Shawn.
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
