[krbdev.mit.edu #5777] keytab iteration + search don't mix
Ken Raeburn via RT
rt-comment at krbdev.mit.edu
Fri Sep 28 12:52:13 EDT 2007
[raeburn - Wed Sep 26 14:48:42 2007]:
> (The add action
> works by appending;
> remove works by overwriting with a dummy value, all zeros aside from
> the length indicator.
> So I think mixing iterators and add/remove should be safe.)
Maybe not quite so safe... In the current implementation, if one process is using an iterator,
and another is adding and deleting entries, the iterating process will see a list of entries that
matches the file content the whole time the iterator is active. If we allow additions and
removals in between iterator calls, the iteration output may not match what the actual file
content was at any point in time.
So, if we want to preserve that property, additions and removals can't happen while an
iterator is active. In different threads, we can block the add/remove call, or make it return an
error. In the single-threaded case, we would have to always return an error for add/remove
calls.
More information about the krb5-bugs
mailing list