diff --git a/org.debian.pcsc-lite.policy b/org.debian.pcsc-lite.policy
index e089707..cbae505 100644
--- a/org.debian.pcsc-lite.policy
+++ b/org.debian.pcsc-lite.policy
@@ -11,8 +11,8 @@
Access to the PC/SC daemon
Authentication is required to access the PC/SC daemon
- yes
- yes
+ auth_admin
+ auth_admin
yes
@@ -21,8 +21,8 @@
Access to the smart card
Authentication is required to access the smart card
- yes
- yes
+ auth_admin
+ auth_admin
yes
diff --git a/pcsc-lite.spec b/pcsc-lite.spec
index d249b69..6823084 100644
--- a/pcsc-lite.spec
+++ b/pcsc-lite.spec
@@ -2,7 +2,7 @@
Name: pcsc-lite
Version: 1.8.10
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: PC/SC Lite smart card framework and applications
Group: System Environment/Daemons
@@ -121,6 +121,7 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON
%files
%doc AUTHORS ChangeLog DRIVERS HELP README SECURITY TODO
+%doc doc/README.polkit
%dir %{_sysconfdir}/reader.conf.d/
%{_unitdir}/pcscd.service
%{_unitdir}/pcscd.socket
@@ -149,6 +150,11 @@ rm $RPM_BUILD_ROOT%{_docdir}/pcsc-lite/README.DAEMON
%changelog
+* Tue Mar 11 2014 Nikos Mavrogiannopoulos - 1.8.10-3
+- The default installed polkit policy allows console users to access
+ smart cards. Non-interactive or remote usage now requires admin
+ rights, or a specific policy (see README.polkit)
+
* Tue Feb 11 2014 Nikos Mavrogiannopoulos - 1.8.10-2
- Added upstream patch to support polkit
- Force sanity of parameters received by the client