You have been subscribed to a public bug by Jamie Strandboge (jdstrand):

Binary package hint: libpam-mysql

Hello,

if you try in your sasl-auth config with the pam_mysql.so (from libpam-
mysql) the where option this breake the SQL query.

This config line:
auth    required   pam_mysql.so user=XXXX passwd=XXXX host=127.0.0.1 
db=emailserv table=emailuser usercolumn=email passwdcolumn=password crypt=1 
[where=active='1'  AND postfix='1']

result in this (bad) query:
 SELECT password FROM emailuser WHERE email = 'XXXX' AND (active=\'1\' AND 
postfix=\'1\')

My system:
lsb_release -rd
Description:    Ubuntu 8.04
Release:        8.04

** Affects: pam-mysql (Ubuntu)
     Importance: Undecided
         Status: New

-- 
pam_mysql where option escapes ' and " and than extra where options destroy the 
sql-query
https://bugs.launchpad.net/bugs/237010
You received this bug notification because you are a member of Ubuntu Bugs, 
which is a direct subscriber.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to