Ludovic Rousseau wrote:Can you be more explicit in your description?
On Apr 3, 2008, at 9:49 AM, Jan Just Keijser wrote:
This does raise another interesting question: how session safe is pcsc-lite? Right now, all comms are over a single socket/var/run/pcscd.comm - how is access control to this socket implemented? Otherwise I could envisage a very simple DoS : if more than 1 person isallowed to log onto a computer then each person can access the socketand try to access a token/smart card until it locks up (most cards willblock after N attempts). How can a user be protected from this?
Jan put it better than I did. I'm concerned about multiple simultaneous users on a single host. If one is using a smartcard, could a second user gain access and also use it (not just create a DoS condition).
Windows handles this through the LSA enforcing memory protection, but there's no real equivalent on Linux.
-- Tim
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
