[krbdev.mit.edu #3499] race in replay cache file ownership
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Tue Jul 15 13:32:14 EDT 2008
We should do the check after opening.
However, there are device files on some UNIX platforms where opening the file at all can have
potentially undesirable effects. So I think it's probably a good idea to keep the check before
opening, as well. (Though perhaps we want to use lstat, and make sure the replay cache "file"
isn't actually a symlink.)
More information about the krb5-bugs
mailing list