diff options
author | Stef Walter <stefw@redhat.com> | 2014-10-01 17:14:50 +0200 |
---|---|---|
committer | Stef Walter <stefw@redhat.com> | 2014-10-01 17:14:50 +0200 |
commit | d3505c2b556b859e1a14062579fd67ec2ab25435 (patch) | |
tree | 7ce15d624a715d1fc96b8dd3a3b63fee4abf49cd /p11-kit | |
parent | c41e0e1d9a4a9a4533bc6f370e5eebe1d6b9752c (diff) |
p11-kit: Remove the 'isolated' option for now
This option was not completed in time, and as implemented suffers
from limitations that the module is not really completely isolated
as it still runs under the same user id as the calling process.
Diffstat (limited to 'p11-kit')
-rw-r--r-- | p11-kit/modules.c | 13 |
1 files changed, 0 insertions, 13 deletions
diff --git a/p11-kit/modules.c b/p11-kit/modules.c index bc6f768..8aaa769 100644 --- a/p11-kit/modules.c +++ b/p11-kit/modules.c @@ -486,7 +486,6 @@ take_config_and_load_module_inlock (char **name, const char *remote = NULL; char *value = NULL; CK_RV rv = CKR_OK; - bool isolated; Module *mod; assert (name); @@ -506,18 +505,6 @@ take_config_and_load_module_inlock (char **name, } } - /* The 'isolated' setting is just a simple way to configure remote */ - isolated = _p11_conf_parse_boolean (p11_dict_get (*config, "isolated"), false); - if (isolated) { - if (remote) { - p11_message ("ignoring 'isolated' on module '%s' because 'remote' is set", *name); - } else { - if (asprintf (&value, "|" BINDIR "/p11-kit remote '%s'", filename) < 0) - return_val_if_reached (CKR_DEVICE_ERROR); - remote = value; - } - } - if (remote != NULL) { rv = setup_module_for_remote_inlock (*name, remote, &mod); if (rv != CKR_OK) |