On Wednesday 02 May 2007 06:17:29 Martin Preuss wrote: > On Wednesday 02 May 2007 00:27, Michael Bender wrote: > > Andreas Jellinghaus wrote: > > > On Tuesday 01 May 2007 21:14:26 Martin Preuss wrote: > > >> For CTAPI drivers there is also another problem that should be > > >> addressed in the next step: I think it would be best to have a system > > >> group/user "chipcard" (or whatever name is feasible) analogous to the > > >> groups "disk", "audio" etc. > > > > > > FYI: debian and ubuntu have "scard" for smart card access. currently > > > used to limit access to openct. > > > > How does this access control mechanism work? > > [...] > > My guess would be: By setting the group and permission of the unix domain > socket of the daemon or ifdhandler?
IIRC some unix variants don't check permissions on socket files or something like that. so we put the permissions on the directory, which works on all unix systems. and that way openct doesn't need to know which permissions to use to create the sockets, which simplifies the code. Regards, Andreas _______________________________________________ Muscle mailing list Muscle@lists.musclecard.com http://lists.drizzle.com/mailman/listinfo/muscle
