reassign 495879 pam found 495879 1.0.1-1 retitle 495879 pam_unix returns success when child process dies with signal severity 495879 minor tags 495879 = confirmed upstream reopen 495879 thanks
On Thu, Aug 21, 2008 at 01:46:40PM +1000, Ben Finney wrote: > The segfault in pam_authenticate needs to be addressed in the pam > package. > However, screen's behaviour in this instance is also buggy and > insecure: i.e., that screen treats "segfault in pam_authenticate" as > "successful authentication". > Cloning and retitling for this screen bug. No, there is no error in screen that I've found. I would have done this clone/reassign myself if I had been able to find one. The failure is that, when the child process that was spawned for unix_chkpwd dies with a signal, pam_unix itself returns PAM_SUCCESS. Julien Cristau has already worked on a patch for this, which is now in my possession and will be forwarded upstream when I get a chance. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
