mit-krb5 thread support -- fork safety

Nicolas Williams Nicolas.Williams at
Tue Apr 20 13:17:36 EDT 2004

On Tue, Apr 20, 2004 at 12:31:00PM -0400, Sam Hartman wrote:
> I know that I object to krb5_keyblock becoming invalid after fork.
> It's not particularly opaque and by definition, there is enough
> information in the keyblock for the crypto library to get it working
> again even if it needs to destroy memoized state.

Agreed.  I'm not sure that it can be done without unduly impacting
performance or otherwise making krb5_keyblock rather heavywait though.

In any case, I don't care about krb5_keyblock so much as I do about
other krb5 objects that may in turn make use of krb5_keyblock.


More information about the krbdev mailing list