Unfortunately, the cache file is replaced by a new inode by the
libraries when kinit() is run.
>
> Right. If telnetd keeps the file open it doesn't have to know what user
> owns it. It can find out with fstat(), or it can ignore the problem
> altogether:
>
> - if telnetd can update the credential file in place, and the file
> name itself is never replaced with a new inode then telnetd need not
> even know who should own the file;
>
> - if telnetd keeps the credentials cache file open then it need not
> worry about the original filename being changed;
>
> - if the cache file is ever replaced with a new inode by the libraries
> (I don't think so, I'd have to go look at the source), then telnetd
> can figure it out by using a link count heuristic on the open file
> descriptor;
>
> Telnetd can keep up, as long as cache file renaming and replacement are
> not mixed.
>
> Nico
>
>
> On Tue, Aug 15, 2000 at 12:14:20PM -0400, Jeffrey Altman wrote:
> > telnetd does know the filename but it does not know which user the
> > file should be owned by.
> >
> > >
> > > Could telnetd create the cache file and keep it open, thus obviating the
> > > need for it to know its future file name? Or perhaps an open Unix socket
> > > that PAM_KRB5 could use to communicate back to telnetd.
> > >
> --
>
Jeffrey Altman * Sr.Software Designer
The Kermit Project * Columbia University
612 West 115th St * New York, NY * 10025 * USA
http://www.kermit-project.org/ * kermit-support@kermit-project.org
