-
Notifications
You must be signed in to change notification settings - Fork 712
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OPENSC_DRIVER environment variable prevents parsing configuration file #1266
Comments
Reading through the source code, one thing I do not completely understand is that there are two configuration options:
The first option looks like it was here for some time (cd4e365, Mar 2002), and the second option was authored by jey in Apr 2002 (9c39ca7). The environment variable that is connected to the second option ( ProposalLong story short, my proposal would be to get rid of the Are you against this approach for some reason? Do I miss some use case for this configuration option? @frankmorgner @dengert @mouse07410 @viktorTarasov ? I also see that there is no Windows alternative as it was discussed in the #882. This is probably also a room for improvement, even though I have no way how to test the final product. Also I see that this is nowhere documented. After we will resolve this, we should really update at least Environment-variables wiki page. Additionally, it should be described someplace in configuration file, what does it do. |
I believe these two options aren't supposed to be used simultaneously. But it's clear that in some cases I may want to "force" exactly one driver, while in other cases I want to restrict the set of drivers to a few. Thus, IMHO both should be there, maybe just better documented. |
Am I missing something, or restricting the drivers to the single driver is something else than forcing single driver? |
Ah, OK. Yes you're right. Still, the site config may restrict the set to a few, and a particular invocation may want to force just one... |
That would still work in case of configuration file as a "site configuration" and environment variable as "particular invocation", which would overwrite the single configuration option. |
Just got notified about this, I am busy and cannot write more at the moment but if you can wait a few days I can give more insight about the history of the |
Some apps/users may rely on one, some - on the other. I'm against messing with something that works. Suggest we leave this alone. |
And if there is more than one way to accomplish something - well, fine with me. |
@Jakuje my understanding is the same, which is why I removed I agree that the configuration file should be parsed even if More generically, I wonder if we should trust environment variables at all. For example, I'm using a restricted |
oh. I was reading through that PR some time ago, but forgot you removed also the But reading through the code and changes you proposed again, you did delete the option, but you left the logic behind, which is causing this behavior (by setting the The other question about security is more broad. While all we agree that it is very useful for debugging (both of the environment variables) and configuring different applications with different configuration/driver, the security is questionable. But do we have to defend against this attack vector? When environment is compromised, the attacker could already configure other tools to log quite much everything and do other nasty things. Anyway, the security is not the question of this topic. The variables are there now for long time and will probably not go simply away (if one should go, it would be the |
I say no, we do not need to defend against that attack vector. |
And I cannot imagine OPENSC_CONF going away. Besides, I use that feature myself. |
Using the forced-driver prevents parsing of additional constructions in configuration files (for example flags based on ATRs). This implementation replaces transparently the existing list defined in card_drivers. Resolves: OpenSC#1266
Using the forced-driver prevents parsing of additional constructions in configuration files (for example flags based on ATRs). This implementation replaces transparently the existing list defined in card_drivers. Resolves: #1266
Problem Description
From discussion in the #1243 it appears very confusing for many people that once the
OPENSC_DRIVER
environment variable is used, NO configuration file is parsed and therefore the ATR matches with flags implemented in there are not effective.Proposed Resolution
The configuration files should be parsed regardless this variable. It should only overwrite the drivers option, defined in the configuration file.
If we agree that this should be the way to go, I can have a look into possible implementation.
The text was updated successfully, but these errors were encountered: