[Pcsclite-muscle] Deny card access for one application
Ludovic Rousseau
ludovic.rousseau
Tue Jul 28 02:54:55 PDT 2015
2015-07-28 11:28 GMT+02:00 Florent <fdeybach at gmail.com>:
> Hello
>
>> pcsc-lite do not provide such feature. All readers are visible to all
>> applications.
>
>
> I was afraid of that... :)
>
>>
>> I imagine this would be a feature of FreeRDP to limit the resources
>> that are redirected. I don't know if FreeRDP already can do that.
>
>
> No FreeRDP cannot limit the resources it forwards. The RDP protocol works in
> a "redirect them all" way (for the smartcards).
> So I wrote a small program which gets an exclusive access to the card I
> don't want to redirect during the execution of FreeRDP. This is an ugly
> workaround but it works...
I would suggest to write a filter library that you insert between
FreeRDP and the real libpcsclite.so.1.
This library would rewrite SCardListReaders [1] to change the list of
readers returned.
You could use LD_PRELOAD to force load the filter in FreeRDP.
I could add this library in the pcsclite/contrib project [2].
I may write it myself but I don't know when I will have both time and
motivation to work on it.
Bye
[1] http://pcsclite.alioth.debian.org/api/group__API.html#ga93b07815789b3cf2629d439ecf20f0d9
[2] https://anonscm.debian.org/cgit/pcsclite/contrib.git/tree/
--
Dr. Ludovic Rousseau
More information about the pcsclite-muscle
mailing list