[Pcsclite-muscle] (possible) evolutions of pcsc-lite and libccid
Jakub Jelen
jjelen at redhat.com
Fri May 10 02:41:53 PDT 2024
For the record, we are still using the serial support for working with
reader emulators and virtual smart card readers in OpenSC tests such
as:
https://github.com/OpenSC/OpenSC/blob/master/.github/test-oseid.sh#L27
https://github.com/frankmorgner/vsmartcard/tree/master/virtualsmartcard
This means we will likely keep building the pcsc-lite with the support
for serial readers for some time. OTOH, I think these emulators do not
require root access as they do not access physical serial devices so
it should not affect this use cases in the end.
Jakub
On Thu, May 9, 2024 at 1:22 PM Ludovic Rousseau
<ludovic.rousseau at gmail.com> wrote:
>
> Hello,
>
> Here are some ideas for possible evolutions of pcsc-lite.
> The move from autoconf/automake to meson was an initial step into other changes.
>
> systemd sandbox
> ==============
> Now that the serial support is disabled (by default) we only have to
> deal with USB readers.
> It should be possible to use systemd to limit the access rights of
> pcscd to avoid running as root.
> pcscd should only need to access the USB devices.
> See "Use systemd to restrict pcscd rights"
> https://salsa.debian.org/rousseau/PCSC/-/issues/10
> Or "pcscd: Runs with possibly unnecessary privileges"
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930530
>
> udev rule
> =======
> A udev rule could be used to change the access rights of the smart
> card reader devices so it can be opened by a normal (i.e. non root)
> process (pcscd).
>
> USB bus scanning
> ===============
> Another idea is to avoid a new USB bus scanning in the CCID driver to
> find the device to use.
> See '"Open the device in pcscd and give the file descriptor to the
> driver" https://salsa.debian.org/rousseau/PCSC/-/issues/20
> and "Use libusb_wrap_sys_device() and avoid rescanning the USB bus"
> https://salsa.debian.org/rousseau/CCID/-/issues/11
>
> I don't know when all these features will be ready.
> Some of them have been on the TODO list for over 10 years :-)
>
> If you have other ideas please share them.
>
> Regards,
>
> --
> Dr. Ludovic Rousseau
>
> _______________________________________________
> pcsclite-muscle mailing list
> pcsclite-muscle at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/pcsclite-muscle
>
More information about the pcsclite-muscle
mailing list