From 5d49035ba2a56853eef21d2c4c905c96eea32632 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Tue, 11 Mar 2014 13:55:54 +0100 Subject: [PATCH] The default installed polkit policy only allows console users to access smart cards Non-interactive or remote usage now requires admin rights, or a specific policy (see README.polkit) --- org.debian.pcsc-lite.policy | 8 ++++---- pcsc-lite.spec | 8 +++++++- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/org.debian.pcsc-lite.policy b/org.debian.pcsc-lite.policy index e089707..cbae505 100644 --- a/org.debian.pcsc-lite.policy +++ b/org.debian.pcsc-lite.policy @@ -11,8 +11,8 @@ Access to the PC/SC daemon Authentication is required to access the PC/SC daemon - yes - yes + auth_admin + auth_admin yes @@ -21,8 +21,8 @@ Access to the smart card Authentication is required to access the smart card - yes - yes + auth_admin + auth_admin yes diff --git a/pcsc-lite.spec b/pcsc-lite.spec index d249b69..6823084 100644 --- a/pcsc-lite.spec +++ b/pcsc-lite.spec @@ -2,7 +2,7 @@ Name: pcsc-lite Version: 1.8.10 -Release: 2%{?dist} +Release: 3%{?dist} Summary: PC/SC Lite smart card framework and applications Group: System Environment/Daemons @@ -121,6 +121,7 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON %files %doc AUTHORS ChangeLog DRIVERS HELP README SECURITY TODO +%doc doc/README.polkit %dir %{_sysconfdir}/reader.conf.d/ %{_unitdir}/pcscd.service %{_unitdir}/pcscd.socket @@ -149,6 +150,11 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON %changelog +* Tue Mar 11 2014 Nikos Mavrogiannopoulos - 1.8.10-3 +- The default installed polkit policy allows console users to access + smart cards. Non-interactive or remote usage now requires admin + rights, or a specific policy (see README.polkit) + * Tue Feb 11 2014 Nikos Mavrogiannopoulos - 1.8.10-2 - Added upstream patch to support polkit - Force sanity of parameters received by the client