Ludovic Rousseau wrote:
> On Thu, Apr 3, 2008 at 4:49 PM, Jan Just Keijser <[EMAIL PROTECTED]> wrote:
>> This does raise another interesting question: how session safe is
>> pcsc-lite? Right now, all comms are over a single socket /var/run/pcscd.comm
>> - how is access control to this socket implemented? Otherwise I could
>> envisage a very simple DoS : if more than 1 person is allowed to log onto a
>> computer then each person can access the socket and try to access a
>> token/smart card until it locks up (most cards will block after N attempts).
>> How can a user be protected from this?
>
> This is a FAQ. But I could not find the similar thread on the MUSCLE list.
>
> As you wrote all communications are over a single socket
> /var/run/pcscd.comm. So you just need to use the Unix security
> mechanism to restrict the access to this file to users allowed to use
> the smart card (create a group smartcard for example).

A situation that might arise in the future could be a machine that has a
smartcard or other security device locked up inside the case, to be used
by root (and has no PIN). It also has a smartcard reader for use by the
user at the console. If both are using pcsc, with the single socket, how
would pcsc keep the user from accessing the internal security device?
Can pcsc do a seteuid to run as the user, and have ACLs on the usb device?

>
> This security configuration is left to the local system administrator.

hal?

>
> Bye
>

-- 
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
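
An audit of the socket restriction discussed in this thread, as an added example that is not part of the original e-mails or of pcsc-lite: it checks that a Unix socket is not world-writable and belongs to the expected group. The `smartcard` group name comes from the thread; the function names and the throwaway socket built in `demo()` are constructed for illustration.

```python
import grp
import os
import socket
import stat
import tempfile

def group_name(gid):
    """Resolve a gid to a name, falling back to the number if unnamed."""
    try:
        return grp.getgrgid(gid).gr_name
    except KeyError:
        return str(gid)

def audit_socket(path, allowed_group):
    """Return a list of findings for the Unix socket at `path` (empty = OK)."""
    st = os.stat(path)
    if not stat.S_ISSOCK(st.st_mode):
        return [f"{path} is not a Unix socket"]
    findings = []
    mode = stat.S_IMODE(st.st_mode)
    # On Linux, connect() requires write permission on the socket file.
    if mode & stat.S_IWOTH:
        findings.append(f"world-writable (mode {mode:04o}): any local user can connect")
    if group_name(st.st_gid) != allowed_group:
        findings.append(f"group is {group_name(st.st_gid)!r}, expected {allowed_group!r}")
    elif not mode & stat.S_IWGRP:
        findings.append("group has no write bit, so its members cannot connect")
    # Some Unix systems ignore socket file modes; the directory is the portable gate.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & stat.S_IWOTH and not parent.st_mode & stat.S_ISVTX:
        findings.append("parent directory is world-writable without the sticky bit")
    return findings

def demo():
    """Constructed sample: a throwaway socket in a temp dir, not the real pcscd socket."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "pcscd.comm")
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
        own_group = group_name(os.stat(path).st_gid)
        os.chmod(path, 0o666)   # open to every local user
        weak = audit_socket(path, own_group)
        os.chmod(path, 0o660)   # owner and group only
        strict = audit_socket(path, own_group)
        srv.close()
        return weak, strict

if __name__ == "__main__":
    print(demo())
```

On a real host the call would be `audit_socket("/var/run/pcscd.comm", "smartcard")`.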