[Pcsclite-muscle] RFC - one old and one new bluetooth device driver.

James pcsclite
Tue Aug 15 04:25:28 PDT 2017


> You can load the key from Info.plist.

At least on my system, that's world-readable:

[james at meh ~]$ ls -lZ $(rpm -ql pcsc-lite-ccid | grep Info.plist)
-rw-r--r--. root root system_u:object_r:lib_t:s0       /usr/lib64/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist

and is installed from Makefile.am with

        cp Info.plist $(DESTDIR)$(usbdropdir)/$(CCID_BUNDLE)/Contents/

so it takes whatever the distro's default umask is.

If you have access to the secret key, then it's possible without any special
hardware to capture the BTLE exchange from the air and extract the PIN or
indeed anything else.

An object with similar security properties is a Bluetooth link key (for, say, a
keyboard). Bluetooth stacks either store these in the hardware themselves or in
root-only accessible locations.

J.
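The permission point in the message above, as an added example that is not part of the original post or of pcsc-lite's own build files: a plain `cp` in a Makefile rule creates the destination with the source file's mode masked by the builder's umask, so the installed Info.plist ends up world-readable under the usual 022 and root-only under 077, whereas `install -m` sets the mode explicitly. The plist contents, the key name `ifdExampleSecretKey` and its value are constructed for the example; the helper names (`world_readable`, `audit_bundle`, and so on) are this example's own, not anything in pcsc-lite.

```shell
#!/bin/sh
# Added example (not pcsc-lite's own build code): reproduce the install step
# the post quotes from Makefile.am, a bare "cp" of Info.plist, and show that
# the mode of the installed file is decided by the build's umask, then contrast
# it with install(1), which sets the mode explicitly.

# Return 0 if "others" can read the file (the o+r bit, octal 004, is set).
# -prune keeps find from descending if given a directory; -perm -004 matches
# when all listed bits are set. Works with GNU and BSD find.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004 -print 2>/dev/null)" ]
}

# Constructed stand-in for a bundle Info.plist that carries a secret key
# (the key name and value are made up for the example). The source file is
# given the 0644 a checked-out source tree would normally have.
make_plist() {
    cat > "$1" <<'EOF'
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>ifdExampleSecretKey</key>
  <string>00112233445566778899aabbccddeeff</string>
</dict></plist>
EOF
    chmod 0644 "$1"
}

# What the quoted Makefile.am rule does: plain cp. Without -p, cp creates the
# destination with the source's mode masked by the current umask, so the
# result is whatever the packager's (or distro's) umask happens to leave.
install_with_cp() { # umask src dst
    ( umask "$1" && cp "$2" "$3" )
}

# The deterministic alternative: install(1) applies the requested mode
# regardless of umask. 0600 is what a root-only secret should get.
install_with_mode() { # mode src dst
    install -m "$1" "$2" "$3"
}

# Print one line per plist in a bundle directory, flagging any that is
# world-readable (the check the post did by hand with ls -l).
# Returns 0 if nothing leaks, 1 otherwise.
audit_bundle() { # dir
    leak=0
    for f in "$1"/*.plist; do
        [ -e "$f" ] || continue
        if world_readable "$f"; then
            echo "world-readable: $f"; leak=1
        else
            echo "ok:             $f"
        fi
    done
    return $leak
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_plist "$tmp/Info.plist"
    install_with_cp 022 "$tmp/Info.plist" "$tmp/cp-umask022.plist"
    install_with_cp 077 "$tmp/Info.plist" "$tmp/cp-umask077.plist"
    install_with_mode 0600 "$tmp/Info.plist" "$tmp/install-0600.plist"
    audit_bundle "$tmp" || echo "at least one installed copy leaks the key"
    rm -rf "$tmp"
}

demo
```

Running the script shows `cp-umask022.plist` flagged and `cp-umask077.plist` and `install-0600.plist` reported as ok; the point is that only the `install -m` result is independent of whoever built the package.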



