ssh login with the gssapi-with-mic mechanism will fail with errors if user
home directories are restricted and not world-readable (e.g., 0700).
This patch corrects the issue.
The inability to disable ~/.k5login and ~/.k5login.d checks entirely is a
different shortcoming in Heimdal and not within this scope. The current
behavior in Heimdal retards the ability to enforce company security
policies that prohibit shared user accounts.