The default installed polkit policy only allows console users to access smart cards
Non-interactive or remote usage now requires admin rights, or a specific policy (see README.polkit)
This commit is contained in:
parent
db032e045f
commit
5d49035ba2
@ -11,8 +11,8 @@
|
||||
<description>Access to the PC/SC daemon</description>
|
||||
<message>Authentication is required to access the PC/SC daemon</message>
|
||||
<defaults>
|
||||
<allow_any>yes</allow_any>
|
||||
<allow_inactive>yes</allow_inactive>
|
||||
<allow_any>auth_admin</allow_any>
|
||||
<allow_inactive>auth_admin</allow_inactive>
|
||||
<allow_active>yes</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
@ -21,8 +21,8 @@
|
||||
<description>Access to the smart card</description>
|
||||
<message>Authentication is required to access the smart card</message>
|
||||
<defaults>
|
||||
<allow_any>yes</allow_any>
|
||||
<allow_inactive>yes</allow_inactive>
|
||||
<allow_any>auth_admin</allow_any>
|
||||
<allow_inactive>auth_admin</allow_inactive>
|
||||
<allow_active>yes</allow_active>
|
||||
</defaults>
|
||||
</action>
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
Name: pcsc-lite
|
||||
Version: 1.8.10
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: PC/SC Lite smart card framework and applications
|
||||
|
||||
Group: System Environment/Daemons
|
||||
@ -121,6 +121,7 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON
|
||||
|
||||
%files
|
||||
%doc AUTHORS ChangeLog DRIVERS HELP README SECURITY TODO
|
||||
%doc doc/README.polkit
|
||||
%dir %{_sysconfdir}/reader.conf.d/
|
||||
%{_unitdir}/pcscd.service
|
||||
%{_unitdir}/pcscd.socket
|
||||
@ -149,6 +150,11 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Mar 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 1.8.10-3
|
||||
- The default installed polkit policy allows console users to access
|
||||
smart cards. Non-interactive or remote usage now requires admin
|
||||
rights, or a specific policy (see README.polkit)
|
||||
|
||||
* Tue Feb 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 1.8.10-2
|
||||
- Added upstream patch to support polkit
|
||||
- Force sanity of parameters received by the client
|
||||
|
Loading…
Reference in New Issue
Block a user