MEMORY keytabs - how should they be destroyed?
jhutz at cmu.edu
Thu Jan 25 05:49:21 EST 2007
On Wed, 24 Jan 2007, Sam Hartman wrote:
> I don't have a problem with krb5_kt_destroy() if we conclude that
> memory keytabs want to work like memory ccaches and be referenced
> through krb5_kt_resolve.
I think this is the right approach. Memory keytabs should work just like
any other keytab. They should be resolvable via krb5_kt_resolve, and
should not mysteriously disappear when not in use. I have written code
which uses memory keytab support in heimdal, and find the destroy-on-close
semantic annoying at best.
> It's not very clear to me. That seems like an excellent way for a key
> to end up being used in an unintended scope. My recommended
> implementation would be for memory keytabs to be created giving you a
> keytab handle that you must pass to anyone who can access the key
A function which does this might be interesting, but it would be a
backend-specific interface, and I believe that being able to exclusively
use the backend-independent API is important.
More information about the krbdev