A user's DCE credentials (stored in the directory /opt/dcelocal/var/security/creds) are not automatically removed by exiting a shell or
logging out. Unless any background processes require DCE credentials,
the credentials can be removed before logging out by running kdestroy utility.
This will make the system more secure by decreasing the opportunity
for someone to maliciously gain access to your network credentials.
The kdestroy command has been modified to allow destruction of credentials
older than a specified number of hours. kdestroy -e exp-period my be run manually
to purge older credential files.
Printable version
