Proposed new krb5 FILE ccache protocol

Nico Williams nico at
Wed Jan 29 00:16:12 EST 2014

On Tue, Jan 28, 2014 at 11:01 PM, Nico Williams <nico at> wrote:
> On Tue, Jan 28, 2014 at 10:41 PM, Russ Allbery <eagle at> wrote:
>> Nico Williams <nico at> writes:
>>> The ancillary directory can be in $TMPDIR (we can assume at least /tmp),
>>> and the main file can be written by truncation as a fallback (with all
>>> the problems that that entails).
>> I'm dubious that the Kerberos libraries can safely assume that $TMPDIR or
>> /tmp are available.  Do they currently assume that somewhere?  (I'm
>> thinking of chroot cases, SELinux and other MAC use cases, jails,
>> namespace restrictions on Linux, etc.)

And to answer your question, krb5_cc_new_unique/gen_new() for the FILE
ccache to refer to /tmp by default, and a variety of functions,
including krb5_cc_default_name(), support expansion of a TEMP token to
whatever $TMPDIR is.

That said, there are surprisingly few uses of mkstemp() and friends in
the library.


More information about the krbdev mailing list