[pkg-opensc-commit] [SCM] OpenSC packaging branch, master, updated. e33dcfc0130b71d0eb1e023fa996e19232e2f7cc

Eric Dorland eric at debian.org
Thu Jul 31 19:18:06 UTC 2008 

The following commit has been merged in the master branch:
commit 8df50e7be3fd0a92bdd38f944b122a51c5c53aaf
Author: Eric Dorland <eric at debian.org>
Date:   Sun Dec 23 00:10:25 2007 -0500

    * etc/opensc.conf.in: Document that lock_login is actually set to false
      by default. Thanks Mark Proehl. (Closes: #457322)

diff --git a/debian/changelog b/debian/changelog
index 1dda892..b508914 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+opensc (0.11.4-3) unstable; urgency=low
+
+  * etc/opensc.conf.in: Document that lock_login is actually set to false
+    by default. Thanks Mark Proehl. (Closes: #457322)
+
+ --
+
 opensc (0.11.4-2) unstable; urgency=low
 
   * debian/libopensc2.install: Install onepin-opensc-pkcs11 signer. Thanks
diff --git a/etc/opensc.conf.in b/etc/opensc.conf.in
index 36aeba8..5d7d609 100644
--- a/etc/opensc.conf.in
+++ b/etc/opensc.conf.in
@@ -317,20 +317,20 @@ app opensc-pkcs11 {
 		# slots.
 		hide_empty_tokens = yes;
 
-		# By default, the OpenSC PKCS#11 module will
-		# try to lock this card once you have authenticated
-		# to the card via C_Login. This is done so that no
-		# other user can connect to the card and perform
-		# crypto operations (which may be possible because
-		# you have already authenticated with the card).
+		# By default, the OpenSC PKCS#11 module will will not lock
+		# this card once you have authenticated to the card via
+		# C_Login. This may add some risk as other users may connect
+		# to the card and perform crypto operations (which may be
+		# possible because you have already authenticated with the
+		# card). You may consider changing it to true.
 		#
-		# However, this also means that no other application
-		# that _you_ run can use the card until your application
-		# has done a C_Logout or C_Finalize. In the case of
-		# Netscape or Mozilla, this does not happen until
-		# you exit the browser.
-		# Default: true
-		# lock_login = true;
+		# However, if you do, this also means that no other
+		# application that _you_ run can use the card until your
+		# application has done a C_Logout or C_Finalize. In the case
+		# of Netscape or Mozilla, this does not happen until you exit
+		# the browser.  
+		# Default: false 
+		# lock_login = false;
 
 		# Normally, the pkcs11 module will not cache PINs
 		# presented via C_Login. However, some cards

-- 
OpenSC packaging

More information about the pkg-opensc-commit mailing list