On Thursday 19 October 2006 17:54, Michael Bender wrote:
> There might be other credentials that would be important in making
> this decision and which could be passed up from libpcsclite.so, got
> any suggestions as to what else might be interesting? Or perhaps
> we could make it more opaque in the sense that we pass a "blob" of
> stuff from the client side, through pcscd, and then into the PAM
> stack, and only the PAM modules would understand that "blob",
> which might be something like key-value pairs. That's for the
> future at any rate, for now, we're doing our prototype with just
> the value of $DISPLAY and the UID of the caller.

What prevents the application from lying when it provides the name/value pairs, or the $DISPLAY value? I'm sure it's possible for pcscd to check the UID under which the client app is executing (because I implemented such a check for Linux), but it seems like pcscd must simply trust the application to deliver correct values for the rest.

Shawn.

_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle