I'm currently adding code to pcsc-lite to facilitate pcscd functioning in a Sun Ray environment running optionally under Solaris 10 Trusted Extensions (highly secure environment).
The pcsclite library must check the $DISPLAY environment variable on the client and validate that it refers only to a display, on the local machine, if defined. Failing that, it needs to return an error code to the client. I'd like to add SCARD_E_INVALID_DISPLAY to the list of err consts in PCSC/pcsclite.h, and the text "Invalid $DISPLAY environment" to pcsc_stringify_error(), but I am concerned that I might be constrained by backward-compatibility issues. Any thoughts on this, or which existing error codes I might fall back to using if extending the list isn't an option? The existing list of error constants seems far from ideal. Also, further validation of the X display is done server side, where client EUID is obtained from the socket and authenticated via a PAM module as the owner of the X display. If that check fails, I planned to return the same error code as for a client-side failure, however, having an even more explicit error might be reasonable too. Any thoughts on this? Thanks, Paul Klissner _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
