Hello, On Aug 3, 2010, at 11:05 PM, Andre Zepezauer wrote: > in the interests of the users of OpenSC, it would be fair to apply the > following patch. FYI: I gathered all opensc.conf entries [1] that can have security/intrusion related effects to the wiki page dealing with security considerations [2].
The list can be incomplete as well as implications incorrect. As always it comes with no warranty and as is. YMMV. Feel free to update/correct it. > + # WE (THE OPENSC DEVELOPERS) ARE VERY AWARE OF THE FACT, THAT > + # THIS FEATURE IS INSECURE. NEVERTHELESS IT IS ENABLED BY > DEFAULT, > + # BECAUSE WE DON'T CARE ABOUT YOUR (THE USERS) SECURITY NEEDS. Please describe your security needs so that they could be understood and addressed better. [1] http://www.opensc-project.org/opensc/wiki/SecurityConsiderations#Relevantopensc.confentries [2] http://www.opensc-project.org/opensc/wiki/SecurityConsiderations -- Martin Paljak @martinpaljak.net +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel