On Thu, 2014-12-04 at 11:19 +0100, Ludovic Rousseau wrote: > 2014-12-04 9:36 GMT+01:00 Nikos Mavrogiannopoulos <[email protected]>: > > ----- Original Message ----- > > > >> Possible problem: If the authorization agent is present and active, > >> polkit_authority_check_authorization_sync() could take a long time (the > >> time of users' response). If the next request comes in the same time, it > >> is postponed until the previous one is handled. (Actions done by root > >> are not postponed.) > > > > Indeed, and that is the reason it is disabled. I found that unacceptable for > > a server that can serve multiple requests. A client can always authenticate > > as admin using su, and then use pcscd. > > Should I revert the patch?
The drawback of that approach is that each accept()ed session will be blocked until the password is entered and sent by the user. If the user goes for lunch without entering a password that session will be blocked from processing any other requests. I cannot predict how that would affect typical pcscd usage. I think that it would be better for that change to be combined with using polkit asynchronously. regards, Nikos _______________________________________________ Pcsclite-muscle mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pcsclite-muscle
