Skip Menu |

Date: Thu, 27 Sep 2012 10:49:52 -0500
Subject: kdb5_util dump race can leave policy refcounts incorrect
From: Nico Williams <>
kdb5_util does not lock the KDB across both record iteration
operations that it does (principals and policies) unless the dump
format requested is an iprop dump format. I don't understand why the
utility locks the whole KDB in the iprop case but not in the non-iprop
cases. A change to any principal's policy assignment that sneaks in
between the iteration of principals and the iteration of policies,
will result in the dump having incorrect policy refcounts. If such a
dump is propagated to a slave that then gets promoted to master then
the incorrect policy refcount will matter.
Subject: SVN Commit

Fix policy refcount corruption race in dump
Author: Nicolas Williams <>
Committer: Greg Hudson <>
Commit: e65a16d898f3a686525e83661f4fd86c76e27bbf
Branch: master
src/kadmin/dbutil/dump.c | 20 ++++++++++----------
1 files changed, 10 insertions(+), 10 deletions(-)