[1752] in Kerberos-V5-bugs
Re: cache file bug
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Thu Dec 21 18:32:01 1995
Date: Thu, 21 Dec 1995 18:31:58 -0500
From: Theodore Ts'o <tytso@MIT.EDU>
To: Andrew Gross <grossa@SDSC.EDU>
Cc: krb5-bugs@MIT.EDU
In-Reply-To: "[1750] in Kerberos-V5-bugs"
From: Andrew Gross <grossa@SDSC.EDU>
Date: Wed, 20 Dec 95 02:06:37 PST
There is a small problem where by kinit will store the ccache file
through a symlink. This can be used to force a user's tickets to be
stored on an NFS mounted (or exported) partition. This is the same
bug that was reported in elm recently.
I think that adding O_EXCL to the FCC_OPEN_AND_ERASE option of
krb5_fcc_open_file() (fcc_maybe.c) will take care of the problem.
The corresponding change will be needed in krb5_scc_open_file().
Thanks for reporting this! However, it's not enough to just add O_EXCL,
though; you need to unlink(data->filename) as well, in case a
credentials cache with that filename already exists.
- Ted
