DEFAULT_PKCS11_WHITELIST on 64-bit Linux systems
Damien Miller
djm at mindrot.org
Wed Jan 4 13:23:17 AEDT 2017
On Tue, 3 Jan 2017, Iain Morgan wrote:
> Damien's proposed change would address the issue that I encountered.
>
> While Jakob is correct that the various libraries exist under
> /usr/lib64/pkcs11 on RHEL, adding /usr/lib64/pkcs11/* to the whitelist
> did not work for me. That was because opensc-pkcs11.so is actually under
> /usr/lib64 and is a symlink in /usr/lib64/pkcs11.s
I've committed the fix to relax the whitelist - thanks.
More information about the openssh-unix-dev
mailing list