This does raise another interesting question: how session safe is pcsc-lite? Right now, all comms are over a single socket /var/run/pcscd.comm - how is access control to this socket implemented? Otherwise I could envisage a very simple DoS : if more than 1 person is allowed to log onto a computer then each person can access the socket and try to access a token/smart card until it locks up (most cards will block after N attempts). How can a user be protected from this?
cheers, JJK Ludovic Rousseau wrote: > On Thu, Apr 3, 2008 at 4:25 PM, Timothy J Miller <[EMAIL PROTECTED]> wrote: > >> That relates to another question I've had--how session and thread safe are >> all these architectures (PCSC-lite, OpenSC, & OpenCT)? E.g., if I'm driving >> multiple heads off one Linux box, all with their own readers, how easy would >> it be for session A to use session B's card? >> > > Can you be more explicit in your description? > > _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
