[Pcsclite-muscle] add SOCK_CLOEXEC for client connections
Ludovic Rousseau
ludovic.rousseau
Tue Jul 8 06:42:52 PDT 2014
2014-07-07 14:24 GMT+02:00 Stefani Seibold <stefani at seibold.net>:
> Hi,
Hello,
> this patch fix a small security and usability problem for pcsc-lite
> client connections by adding a SOCK_CLOEXEC to the socket() call.
>
> An application which use the pcsc-lite should never pass the socket file
> descriptor to its child processes. This make no sense, since the child
> have no idea what to do with the handle.
I agree. It makes no sense for the child to have this handle.
Why do you think this is a security issue?
If the parent process is doing something secure then it should call
SCardDisconnect() on all the PC/SC contexts it has opened.
> It will also fix a usability issue. Imaging the process will start a
> long running child (for example a daemon) and then the process will be
> terminated. Once the process will be restarted it can not access the
> smartcard since the daemon will still have the file descriptor open.
I don't follow you here.
Can you provide a sample code with such a problem?
Or provide a more detailed example?
Bye
--
Dr. Ludovic Rousseau
More information about the pcsclite-muscle
mailing list