[Pcsclite-muscle] Deny card access for one application

Florent fdeybach
Tue Jul 21 23:02:31 PDT 2015


>
> https://pcsclite.alioth.debian.org/api/group__API.html#ga4e515829752e0a8dbc4d630696a8d6a5
>
>
>
> dwShareMode = SCARD_SHARE_EXCLUSIVE
>
>
>
> Can you have each application establish an exclusive connection to the
> reader they need to use?
>
>
>

Thanks the lead, however in my case, this won't do the trick:

- one reader is used to authenticate the user (via pam_pkcs11 and pam_krb5)
when the user logs in first and to exit the screensaver and whenever he
removes the reader (which locks the screen). This reader must not be used
by the application (FreeRDP)
- the second reader is used in FreeRDP.

I could write a small app which would "lock" the first reader as soon I
start FreeRDP so I won't be used by it (and even then, I am not sure about
the behaviour of the application...). However I need to access the reader
for time to time If I have to authenticate myself, for example to exit the
screensaver... If the first reader is still locked I won't be able to
resume my session...

Cheers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pcsclite-muscle/attachments/20150722/0700b211/attachment-0001.html>



More information about the pcsclite-muscle mailing list