Please review the code changes at
http://cr.openjdk.java.net/~weijun/8036779/webrev.00/
The problem is that Java treats kdc_timeout as milliseconds but others
(NetBSD here) might treat it as seconds. With this code change, when the
number is <= 120, it's seconds, otherwise, milliseconds.
This does not sound like a safe update to me. Is it possible to
detected the actual kdc_timeout spec (for example, using the known
platform) of the underlying configuration?
Xuelei
On 5/14/2014 8:38 AM, Weijun Wang wrote:
Please review the code changes at
http://cr.openjdk.java.net/~we
What do you mean by detecting the platform? So if I find the file is also used
by NetBSD krb5 then I treat it as second and if not millisecond? That's quite
impossible. In my opinion, it all depends on how the writer is educated, Java
or some else.
How is this unsafe, especially compared to if
