FIRST: 

	In NONE of the uses of strcpy/cat was I able to find a possible
exploit. However, I sleep better at night knowing that they aren't in
code I'm responsible for. 

	There's also a bit of the changes I made for kerberos. They
are all ifdef'd so it shouldn't break things. By the time I decided to
publish these patches the code was intertwined enough that it was
too much hassle to separate out just the strcat/cpy stuff.