[Muscle] Would like to find ideal err const to return in pcsc-lite
Ludovic Rousseau
ludovic.rousseau at gmail.com
Thu Oct 19 11:53:04 PDT 2006
On 19/10/06, Paul Klissner <Paul.Klissner at sun.com> wrote:
> Ludovic Rousseau wrote:
> > It is easy on the libpcsclite side to check the file permissions of
> > /var/run/pcscd.pub and return SCARD_E_NO_PERMISSION when appropriate.
> You're right. That error code solves more problems. It doesn't address
> things like a bad $DISPLAY environment variable format or bad syntax
> directly, but those could be indicated by SCARD_E_INVALID_PARAMETER,
> which already exists in pcsclite.h, if the docs indicated clearly
> that if $DISPLAY is defined, it becomes an indirect parameter.
Checking for $DISPLAY in pcsc-lite is a bad idea:
1. PC/SC API has nothing to do with X11
2. it is easy for a (remote) user process to set DISPLAY=:0.0 just
before calling SCardEstablishContext() and bypass any check on
$DISPLAY
Why don't you want to use the file permissions on /var/run/pcscd.pub
as proposed?
> But that question does bring me to another question: I need to find a
> good way to pass EUID and Xdpy# to our IFD Handler, in a way that plays
> nicely with existing IFD handlers.
Which part will send the EUID and Xdpy# to the IFD handler? The user
application?
What happens if the application says "Hey, I am EUID 0, please give me access"?
> Any of your thoughts on that would be extremely helpful.
You should describe your architecture in details first.
Bye,
--
Dr. Ludovic Rousseau
More information about the Muscle
mailing list