Significant security fixes to ksu

* Use source euid all throughout procedure of opening source ccache,
Richard's code had a race condition.

* Use target euid while looking up .k5login and constructing target ccache.

* Avoid chowns completely; they create race conditions.  Fchown could
have been used if we wanted to be really careful, but they aren't
necessary and we would have to violate abstractions.

* Clean up several conditions that would allow users to delete
arbitrary files of the user they were ksuing to without authorization.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@8049 dc483132-0cff-0310-8789-dd5450dbe970

0 files changed, 0 insertions, 0 deletions