[Pcsclite-muscle] Deny card access for one application
Nikos Mavrogiannopoulos
nmav at redhat.com
Mon Aug 3 13:42:27 UTC 2015
On Tue, 2015-07-21 at 18:57 +0200, Florent wrote:
> Hello list,
> On my Ubuntu system I use two different readers containing each one
> card which are also different.
> Both readers must be usable by my user.
> One of my application (FreeRDP, not to mention it) is capable of
> accessing those smartcard through the libpcsclite.so library.
> However, this means it can access both readers. And I don't want
> that.
You can set up access controls via polkit, but these are applied on
users rather than applications.
> Is there a way to deny the access to one specific reader?
> Through udev rules? Through the Info.plist XML file?
I think, you are too low level to apply access controls per
application. How are your applications using the these smart cards? If
it is via p11-kit you can deny access to various drivers via its
configuration.
regards,
Nikos
More information about the Pcsclite-muscle
mailing list