update comment to reflect the fact that lock_login is now false by

default Thanks to Eric Dorland for the patch git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3311 c6295689-39f2-0310-b995-f0e70906c6a9
2008-01-03 09:44:40 +00:00 · 2008-01-03 09:44:40 +00:00 · a9ff90382e
parent bf9d6beaac
commit a9ff90382e
1 changed files with 12 additions and 12 deletions
--- a/etc/opensc.conf.in
+++ b/etc/opensc.conf.in
@ -314,18 +314,18 @@ app opensc-pkcs11 {
 		# slots.
 		hide_empty_tokens = yes;

-		# By default, the OpenSC PKCS#11 module will
-		# try to lock this card once you have authenticated
-		# to the card via C_Login. This is done so that no
-		# other user can connect to the card and perform
-		# crypto operations (which may be possible because
-		# you have already authenticated with the card).
-		#
-		# However, this also means that no other application
-		# that _you_ run can use the card until your application
-		# has done a C_Logout or C_Finalize. In the case of
-		# Netscape or Mozilla, this does not happen until
-		# you exit the browser.
+ 		# By default, the OpenSC PKCS#11 module will not lock
+ 		# this card once you have authenticated to the card via
+ 		# C_Login. This may add some risk as other users may connect
+ 		# to the card and perform crypto operations (which may be
+ 		# possible because you have already authenticated with the
+ 		# card). You may consider changing it to true.
+ 		#
+ 		# However, if you do, this also means that no other
+ 		# application that _you_ run can use the card until your
+ 		# application has done a C_Logout or C_Finalize. In the case
+ 		# of Netscape or Mozilla, this does not happen until you exit
+ 		# the browser.  
 		# Default: false
 		# lock_login = true;