Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
X-Mailer: MIME-tools 5.411 (Entity 5.404)
Subject: krb5_verify_init_creds() is not thread safe
X-RT-Original-Encoding: iso-8859-1
Content-Length: 344

krb5_verify_init_creds() is not thread safe.  In the case where the
creds provided to krb5_verify_init_creds() do not match the server, a
ccache is constructed with the name "MEMORY:rd_req". This is not thread
safe because all threads will use the same ccache name and will collide.
This can result in either false positives or false negatives.