Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

TA09-022A: Apple QuickTime Updates for Multiple Vulnerabilities

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) TA09-022A: Apple QuickTime Updates for Multiple Vulnerabilities
# 1  
Old 01-22-2009
TA09-022A: Apple QuickTime Updates for Multiple Vulnerabilities
More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT MOJAVE

smartcardservices-legacy

SmartCardServices-legacy(7)			       BSD Miscellaneous Information Manual			       SmartCardServices-legacy(7)

NAME

     SmartCardServices-legacy -- overview of legacy SmartCard support

DESCRIPTION

     SmartCardServices-legacy is a set of components which add native support for SmartCards to OS X based on Tokend modules. Since OS X 10.12,
     there is  SmartCard support which is described in SmartCardServices(7)

     Supported SmartCards appear as separate keychains.  A Tokend module for each SmartCard you wish to use must be installed in
     /Library/Security/tokend

USB SMART CARD READER DRIVERS

     OS X has built-in support for USB CCID class-compliant SmartCard readers.	For other readers, install the reader driver in
     /usr/local/libexec/SmartCardServices/drivers.  Each driver is a bundle.  The bundle contains an XML file Info.plist which contains the
     device's USB vendor ID and product ID.  For detailed description of the plist format and how to write a reader driver, see
     http://pcsclite.alioth.debian.org/api/group__IFDHandler.html

SMART CARD APDU LOGGING

     It is possible to turn on logging for SmartCards by setting the global preference:

     sudo defaults write /Library/Preferences/com.apple.security.smartcard Logging -bool yes

     After a SmartCard reader is connected (or after reboot) all operations including contents of sent and received APDU messages are then logged
     into the system log.  Logging uses the facility com.apple.security.smartcard.log so it is possible to set up filtering of these logs into
     custom targets (see asl.conf(5))

     To avoid security risks that could occur if logging is turned on indefinitely, the logging setting is one-shot - it must be turned on by the
     command above to start logging again with a new reader.  This includes unplugging and replugging the same reader.

DISABLING NEW SMART CARD SUPPORT

     It is possible to turn of the new tokens by setting the global preference:

     sudo defaults write /Library/Preferences/com.apple.security.smartcard DisabledTokens -array com.apple.CryptoTokenKit.pivtoken

DISABLING SHEET AUTHORIZATION IN PREFERENCES

     When using tokend-based SmartCards, according to your configuration you may not be able to use SmartCards for authorization in System Prefer-
     ences sheets. In such case, you can disable sheets using following command:

     defaults write com.apple.Preferences UseSheets -bool FALSE

     System Preferences will then use the original dialog-based authorization.

ENTITLEMENT

     Sandboxed PCSC clients require 'com.apple.security.smartcard=YES' entitlement. Non-sandboxed PCSC clients do not require such entitlement (in
     order to keep backward compatibility with macOS < 10.10).

SEE ALSO

     SmartCardServices(7), sc_auth(8), defaults(1), asl.conf(5), ssh-keychain(8)

Mac OS X							  August 5, 2014							  Mac OS X