comparison with other stored security state mechanisms [was: Re: Sharing Trust Policy between Crypto Libraries]

Simo Sorce simo at redhat.com
Mon Jan 14 12:21:24 PST 2013


On Mon, 2013-01-14 at 20:50 +0100, Gabor Toth wrote:
> As for the actual implementation of the database, one option is
> SQLite, which already implements a proper locking scheme for shared
> access across many applications, to facilitate frequent read/write
> operations. PKCS#11 would be another option, but not sure how
> libraries implementing it handle shared access. How does p11-kit
> handle this?

You can't use SQLite across different user processes boundaries, so if
you want to do this 'system wide ', it is off (and anything that relies
on collaborative locking like fcntl locks).

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York



More information about the p11-glue mailing list