F21 System Wide Change: Access control in PCSC

= Proposed System Wide Change: Access control in PCSC =
https://fedoraproject.org/wiki/Changes/PcscAccessControl

Change owner(s): Nikos Mavrogiannopoulos <nmav@xxxxxxxxxx>

Add access control to PC/SC smart cards available in the system. Adding access 
control would (a) prevent unauthorized processes/users from reading data on a 
smart card, (b) prevent unauthorized processes/users from erasing a smart 
card, (c) prevent unauthorized processes/users from talking to the smart card 
firmware.

== Detailed Description ==
Add access control to PC/SC smart cards available in the system. Currently 
smart cards may provide their own access control for certain elements of a 
card such as a private key. Their access control method is typically a PIN, 
but can also be a biometric-based one. That, however, is not sufficient to 
prevent certain actions on the non-PIN protected elements. For example, cards 
that provide a PKCS #15 filesystem can be modified by anyone who has access to 
the system (e.g., erased using pkcs15-init -E).

The default settings allowed should be similar to the default settings for 
hard disks, i.e., root and the user in console should be able to access the 
smart card.

Adding access control would
* prevent unauthorized processes/users from reading data on a smart card
* prevent unauthorized processes/users from erasing a smart card
* prevent unauthorized processes/users from talking to the smart card firmware 

The way access control will be implemented is using polkit which is already 
being used to control access to hard disks. As smart cards share a lot with 
hard disks (e.g., a filesystem, and are inserted by the console user), sharing 
the same access control method is beneficial.

== Scope ==
polkit support has to be added to the PC/SC daemon. An initial version has 
already been developed and communicated upstream.

* Proposal owners: The polkit support has to be merged with the Fedora 
package. That requires changes to the pcsc daemon only, but indirectly all 
packages that potentially may use smart cards are affected (opensc, firefox, 
...).

* Other developers: Packages that use PC/SC smart cards must be checked to 
confirm that they work as expected after the access control change.

* Release engineering:  No coordination is required.

* Policies and guidelines: If there is any security policy documentation, it 
should be updated to include the new policies on smart cards (I couldn't find 
any such documentation though).
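
The default policy from the Detailed Description (root and the console user may use a smart card, everyone else may not), sketched as a polkit rule. This is an added example, not code from the proposal or from pcsc-lite; the action ids are those of upstream pcsc-lite's polkit support, which the proposal does not name, and pcscDecision is a hypothetical name.

```javascript
// Added example. The action ids are the ones upstream pcsc-lite registers
// with polkit (assumption: the proposal itself names none).
var PCSC_ACTIONS = [
    "org.debian.pcsc-lite.access_pcsc",  // talk to the PC/SC daemon at all
    "org.debian.pcsc-lite.access_card"   // open a card in a reader
];

// Inside polkitd the global `polkit` object exists; elsewhere use a stand-in
// so the same decision logic can be exercised before the rule is deployed.
var Result = (typeof polkit !== "undefined") ? polkit.Result
           : { YES: "yes", NO: "no", NOT_HANDLED: null };

// Hypothetical rule body: mirrors the hard-disk style default of
// "root and the user at the console", and denies everything else.
function pcscDecision(action, subject) {
    if (PCSC_ACTIONS.indexOf(action.id) < 0) {
        return Result.NOT_HANDLED;   // not a PC/SC request: leave to other rules
    }
    if (subject.user == "root") {
        return Result.YES;
    }
    // Console user: session on a local seat that is currently active.
    if (subject.local && subject.active) {
        return Result.YES;
    }
    // Remote logins (e.g. ssh), inactive sessions, unrelated daemons.
    return Result.NO;
}

// Register with polkitd when loaded as a file under /etc/polkit-1/rules.d/.
if (typeof polkit !== "undefined") {
    polkit.addRule(pcscDecision);
}
```

Run under Node with constructed subjects, the function can be checked before the file is installed; under polkitd the same file registers the rule.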