mit-krb5 thread support -- fork safety
jaltman at columbia.edu
Mon Apr 19 16:38:14 EDT 2004
Nicolas Williams wrote:
> Others could remain valid:
> - krb5_principal
> - krb5_ccache
> - krb5_keytab
I don't think a krb5_ccache object can be safely used after
a fork. The krb5_ccache object is opaque and may refer to
data structures or kernel objects which are not inheritable.
Depending on how the krb5_keytab is implemented on a given
system the same could be true.
The only items which I believe are safe to maintain are the
names of the principal, ccache and keytab. The child process
should be required to obtain new access to the objects in
order to ensure that reference counting is properly maintained.
- Jeffrey Altman
More information about the krbdev