p11-kit: Remove the 'isolated' option for now

This option was not completed in time, and as implemented suffers
from limitations that the module is not really completely isolated
as it still runs under the same user id as the calling process.

1 files changed, 0 insertions, 13 deletions

diff --git a/p11-kit/modules.c b/p11-kit/modules.c
index bc6f768..8aaa769 100644
--- a/p11-kit/modules.c
+++ b/p11-kit/modules.c
@@ -486,7 +486,6 @@ take_config_and_load_module_inlock (char **name,
 	const char *remote = NULL;
 	char *value = NULL;
 	CK_RV rv = CKR_OK;
-	bool isolated;
 	Module *mod;
 
 	assert (name);
@@ -506,18 +505,6 @@ take_config_and_load_module_inlock (char **name,
 		}
 	}
 
-	/* The 'isolated' setting is just a simple way to configure remote */
-	isolated = _p11_conf_parse_boolean (p11_dict_get (*config, "isolated"), false);
-	if (isolated) {
-		if (remote) {
-			p11_message ("ignoring 'isolated' on module '%s' because 'remote' is set", *name);
-		} else {
-			if (asprintf (&value, "|" BINDIR "/p11-kit remote '%s'", filename) < 0)
-				return_val_if_reached (CKR_DEVICE_ERROR);
-			remote = value;
-		}
-	}
-
 	if (remote != NULL) {
 		rv = setup_module_for_remote_inlock (*name, remote, &mod);
 		if (rv != CKR_OK)