Shawn Willden wrote:
On Thursday 26 October 2006 01:07, Michael Bender wrote:
$DISPLAY is not used as the sole security key, we used trusted data
(the UID of the caller, and, in a Solaris Zones/TX environment, the
zone information) and the access control policy, implemented in the
Sun Ray PAM module, is pretty simple - if the value of $DISPLAY (which
can be spoofed) refers to an X display that the UID of the caller
controls, then the caller gets access to the reader.

Okay, I'm probably just really dense, but: Is the only purpose of passing the $DISPLAY to disambiguate the case where the user is logged into multiple Sun Rays (DTUs, you call them, IIRC) simultaneously?

If so, it might clear up a lot of confusion if you say so. If not, what else is it used for? Not authentication, obviously.

When built with the option, ./configure --enable-inetv4,
the default will be for pcscd to use a base port# with xdpy#
added as an offset.  libpcsclite.so will use $DISPLAY to know
which port to connect to.

NOTE: ./configure --enable-well-known-port[=port#]
would enable a different port numbering scheme.

Server side, pcscd is launched per X session, and is passed
its lifetime unique xdpy# via argv[], to determine which port
to listen on (in default port #'ing scheme).  However, that
doesn't preclude sending the client's *intended* xdpy# over
the socket (along with the other $DISPLAY components), to
provide more info to potentially validate, authenticate
and/or use in making data-routing decisions.

Mike Bender, an old-timer on this list and in the Sun Ray group
can possibly respond to this better or lend important perspective.

Paul




Shawn.
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
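
The scheme discussed in this message, as an added example that is not pcsc-lite or Sun Ray code: $DISPLAY only selects the port (base port plus xdpy#), while the access decision compares a trusted caller UID against the owner of the claimed display. The base port value, the session table and all function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

#define BASE_PORT 40000L  /* constructed value; the thread names no base port */

/* Constructed session table: which UID owns which X display number. */
struct session { long xdpy; unsigned uid; };
static const struct session sessions[] = { {3, 1001}, {7, 1002} };

/* Extract N from "[host]:N[.screen]"; returns -1 on malformed input. */
long display_number(const char *display)
{
    const char *colon, *p;
    char *end;
    long n;

    if (display == NULL || (colon = strrchr(display, ':')) == NULL)
        return -1;
    p = colon + 1;
    if (*p < '0' || *p > '9')           /* rejects "", "-1", "+1", " 1" */
        return -1;
    errno = 0;
    n = strtol(p, &end, 10);
    if (errno != 0 || n > 65535L - BASE_PORT)
        return -1;                      /* port would leave the 16-bit range */
    if (*end == '.') {                  /* optional screen: digits only */
        if (end[1] == '\0' || strspn(end + 1, "0123456789") != strlen(end + 1))
            return -1;
    } else if (*end != '\0') {
        return -1;
    }
    return n;
}

/* Client side: port derived from $DISPLAY (a routing hint only), or -1. */
long port_for_display(const char *display)
{
    long n = display_number(display);
    return n < 0 ? -1 : BASE_PORT + n;
}

/* Server side: allow only if the claimed display belongs to caller_uid,
   which is assumed to come from a trusted source, not from the client. */
int caller_controls_display(const char *display, unsigned caller_uid)
{
    long n = display_number(display);
    size_t i;
    for (i = 0; n >= 0 && i < sizeof sessions / sizeof sessions[0]; i++)
        if (sessions[i].xdpy == n)
            return sessions[i].uid == caller_uid;
    return 0;                           /* unknown display: deny */
}
```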
