Contents of /trunk/PCSC/SECURITY

SECURITY

This file discusses security related issues with pcsc-lite and how to
handle them.

Sometimes it is dangerous to run daemons under a root account.  If there is
a chance to exploit a buffer overflow you can protect sensitive information 
by running it under a different account. It might be useful to create another
user with hardware priveledges and run pcscd as that user.  Be sure this user
can manipulate the server sockets.


Application suggestions:

Make sure you Disconnect when you are not using the reader.  Also be sure to
ReleaseContext before exiting your program.
1	SECURITY
2
3	This file discusses security related issues with pcsc-lite and how to
4	handle them.
5
6	Sometimes it is dangerous to run daemons under a root account. If there is
7	a chance to exploit a buffer overflow you can protect sensitive information
8	by running it under a different account. It might be useful to create another
9	user with hardware priveledges and run pcscd as that user. Be sure this user
10	can manipulate the server sockets.
11
12
13	Application suggestions:
14
15	Make sure you Disconnect when you are not using the reader. Also be sure to
16	ReleaseContext before exiting your program.
Name	Value
svn:eol-style	native
svn:keywords	Author Date Id Revision