Formhandler

Please explain how Formhandler could affect the login status of a backend user.
I don't get it.

If configuration of backend is changed in localconf.php (e.g. $TYPO3_CONF_VARS['BE']['lockIP']) this problem occurs. Because you authenticate via TYPO3 routine with those information set (have a look at /typo3/init.php) and in your ext_tables.php those information are currently not set. So information from session (set with other IP-mask) does not match current authentication information and be user is logged out and it's not possible to re-login any more because this happens at every login.

Ok, I get it now, sorry.

The funny thing is, that I actually don't know why this code is even in there.
As far as I can see, it makes no sense to create a new backend user object, if TYPO3_MODE is 'BE'.

I guess with these lines of code you offer the opportunity to override standard flexform configuration per user.
You set standard flexform with
$file = 'FILE:EXT:' . $_EXTKEY . '/Resources/XML/flexform_ds.xml';
afterwards you try to get configuration from $tsConfig

That's right, but if TYPO3_MODE is BE there has to be a backend user object anyway. Maybe there isn't, if you run some automated tasks, but Formhandler shouldn't have to care about that.
Am I missing something?

I think at this point the be-user is not set, because you can also add own be-user authentication methods in ext_tables.php, so it would make no sense if the be-user is authenticated already.