Audit tools such as lint and Coverity's SECURE_CODING checker flag all uses of functions which are often used unsafely. For Coverity, these include strcpy, strcat, sprintf, all *scanf variants, random, lrand48, and rand. Although these functions are used safely within the krb5 code base to the best of our knowledge, their use is undesirable because ensuring their safety requires manual investigation each time the code base is audited (by us or by others). This ticket will track the process of eliminating these uses.