On 19/10/06, Paul Klissner <[EMAIL PROTECTED]> wrote:
Ludovic Rousseau wrote: > It is easy on the libpcsclite side to check the file permissions of > /var/run/pcscd.pub and return SCARD_E_NO_PERMISSION when appropriate. You're right. That error code solves more problems. It doesn't address things like a bad $DISPLAY environment variable format or bad syntax directly, but those could be indicated by SCARD_E_INVALID_PARAMETER, which already exists in pcsclite.h, if the docs indicated clearly that if $DISPLAY is defined, it becomes an indirect parameter.
Checking for $DISPLAY in pcsc-lite is a bad idea: 1. PC/SC API has nothing to do with X11 2. it is easy for a (remote) user process to set DISPLAY=:0.0 just before calling SCardEstablishContext() and bypass any check on $DISPLAY Why don't you want to use the file permissions on /var/run/pcscd.pub as proposed?
But that question does bring me to another question: I need to find a good way to pass EUID and Xdpy# to our IFD Handler, in a way that plays nicely with existing IFD handlers.
Which part will send the EUID and Xdpy# to the IFD handler? The user application? What happens if the application says "Hey, I am EUID 0, please give me access"?
Any of your thoughts on that would be extremely helpful.
You should describe your architecture in details first. Bye, -- Dr. Ludovic Rousseau _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
