/usr/share/doc/pcscd/SECURITY is in pcscd 1.8.10-1ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | SECURITY
This file discusses security related issues with pcsc-lite and how to
handle them.
Sometimes it is dangerous to run daemons under a root account. If there is
a chance to exploit a buffer overflow you can protect sensitive information
by running it under a different account. It might be useful to create another
user with hardware priveledges and run pcscd as that user. Be sure this user
can manipulate the server sockets.
Application suggestions:
Make sure you Disconnect when you are not using the reader. Also be sure to
ReleaseContext before exiting your program.
|